From 3a6da8c432e58c31901aed2e53945bb71b04db9d Mon Sep 17 00:00:00 2001
From: Rishav karanjit <karanjitrishav4@gmail.com>
Date: Fri, 16 Jan 2026 13:18:09 -0800
Subject: [PATCH 1/4] Enhance daily CI workflow with failure notifications

Added a notification job for failed daily CI runs.
---
 .github/workflows/daily_ci.yml | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/daily_ci.yml b/.github/workflows/daily_ci.yml
index 959983a27..e2a2c0c71 100644
--- a/.github/workflows/daily_ci.yml
+++ b/.github/workflows/daily_ci.yml
@@ -4,9 +4,22 @@ name: Daily CI
 on:
   schedule:
     - cron: "00 15 * * 1-5"
-
+  pull_request:
+    paths:
+      .github/workflows/daily_ci.yml
 jobs:
   DAILY_CI:
     # Don't run the cron builds on forks
     if: github.event_name != 'schedule' || github.repository_owner == 'aws'
-    uses: ./.github/workflows/ci.yml
\ No newline at end of file
+    uses: ./.github/workflows/ci.yml
+  notify:
+    needs:
+      [
+        DAILY_CI
+      ]
+    if: ${{ failure() && github.event_name != 'schedule'}}
+    uses: ./.github/workflows/slack-notification.yml
+    with:
+      message: "Daily CI failed on `${{ github.repository }}`. View run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+    secrets:
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_CI }}

From babee7bde7112367239f39e80eac181a0c885292 Mon Sep 17 00:00:00 2001
From: Rishav karanjit <karanjitrishav4@gmail.com>
Date: Fri, 16 Jan 2026 13:19:40 -0800
Subject: [PATCH 2/4] Change condition for Slack notification on CI failure

---
 .github/workflows/daily_ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/daily_ci.yml b/.github/workflows/daily_ci.yml
index e2a2c0c71..8704f4926 100644
--- a/.github/workflows/daily_ci.yml
+++ b/.github/workflows/daily_ci.yml
@@ -17,7 +17,7 @@ jobs:
       [
         DAILY_CI
       ]
-    if: ${{ failure() && github.event_name != 'schedule'}}
+    if: ${{ failure() && github.event_name == 'schedule'}}
     uses: ./.github/workflows/slack-notification.yml
     with:
       message: "Daily CI failed on `${{ github.repository }}`. View run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"

From e0784a9cf8236bb583c2b89a4ac40a09929c35ca Mon Sep 17 00:00:00 2001
From: Rishav karanjit <karanjitrishav4@gmail.com>
Date: Fri, 16 Jan 2026 13:20:17 -0800
Subject: [PATCH 3/4] Update Daily CI workflow with permissions

Added permissions for id-token and contents.
---
 .github/workflows/daily_ci.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/daily_ci.yml b/.github/workflows/daily_ci.yml
index 8704f4926..a77b20d27 100644
--- a/.github/workflows/daily_ci.yml
+++ b/.github/workflows/daily_ci.yml
@@ -1,6 +1,10 @@
 # This workflow runs every weekday at 15:00 UTC (8AM PDT)
 name: Daily CI
 
+permissions:
+  id-token: write
+  contents: read
+  
 on:
   schedule:
     - cron: "00 15 * * 1-5"

From 9bcb3ff13618c6e8160d589ca08d84dd24af5ee3 Mon Sep 17 00:00:00 2001
From: Rishav karanjit <karanjitrishav4@gmail.com>
Date: Fri, 16 Jan 2026 13:21:44 -0800
Subject: [PATCH 4/4] Add GitHub Actions workflow for issue notifications

---
 .github/workflows/issue-notification.yml | 25 ++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 .github/workflows/issue-notification.yml

diff --git a/.github/workflows/issue-notification.yml b/.github/workflows/issue-notification.yml
new file mode 100644
index 000000000..af85aa075
--- /dev/null
+++ b/.github/workflows/issue-notification.yml
@@ -0,0 +1,25 @@
+name: Issue Created Notification
+permissions:
+  contents: read
+on:
+  issues:
+    types: [opened, reopened]
+  issue_comment:
+    types: [created]
+
+jobs:
+  notify-issue:
+    if: github.event_name == 'issues'
+    uses: aws/aws-cryptographic-material-providers-library/.github/workflows/slack-notification.yml@main
+    with:
+      message: "New github issue `${{ github.event.issue.title }}`. Link: ${{ github.event.issue.html_url }}"
+    secrets:
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_GHI }}
+
+  notify-comment:
+    if: github.event_name == 'issue_comment' && !github.event.issue.pull_request
+    uses: aws/aws-cryptographic-material-providers-library/.github/workflows/slack-notification.yml@main
+    with:
+      message: "New comment on issue `${{ github.event.issue.title }}`. Link: ${{ github.event.comment.html_url }}"
+    secrets:
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_GHI }}