chore(docs): Admin requirements for creating worker groups

[isshaddad]

Adds documentation for creating additional worker groups via the admin API endpoint, including how to make users admin (new vs existing users), and clarifies that ADMIN_EMAILS only applies on signup.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 471d486

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

Documentation updates across multiple guides: added warnings in the Puppeteer example prohibiting screenshots; added a new "Creating additional worker groups" section in the Docker self-hosting guide with admin setup and curl examples for creating worker groups (notes that a token is returned on creation); clarified that ADMIN_EMAILS applies at signup and does not affect existing users; and revised deployment/environment wording to encourage preview branches for isolated environments and to specify prod/staging environment naming in deployment instructions.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description is incomplete. It lacks required sections from the template: Closes reference, Testing, Changelog, Screenshots, and the contribution checklist.	Add the missing template sections including issue reference, testing steps, changelog description, and the contribution checklist with appropriate checkboxes.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately reflects the main focus of the PR, which is documenting admin requirements and procedures for creating worker groups.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

📜 Recent review details

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 37a9a31 and 471d486.

📒 Files selected for processing (2)

• docs/deployment/overview.mdx
• docs/how-it-works.mdx

🧰 Additional context used

🧠 Learnings (16)

📚 Learning: 2025-11-27T16:27:35.304Z

Learnt from: CR
Repo: triggerdotdev/trigger.dev PR: 0
File: .cursor/rules/writing-tasks.mdc:0-0
Timestamp: 2025-11-27T16:27:35.304Z
Learning: Use environment variable TRIGGER_SECRET_KEY when triggering tasks from backend code

Applied to files:

• docs/deployment/overview.mdx

📚 Learning: 2025-06-06T23:55:01.933Z

Learnt from: nicktrn
Repo: triggerdotdev/trigger.dev PR: 2155
File: hosting/docker/.env.example:4-7
Timestamp: 2025-06-06T23:55:01.933Z
Learning: In the trigger.dev project, .env.example files should contain actual example secret values rather than placeholders, as these help users understand the expected format. The files include clear warnings about not using these defaults in production and instructions for generating proper secrets.

Applied to files:

• docs/deployment/overview.mdx

📚 Learning: 2025-08-19T09:49:07.011Z

Learnt from: julienvanbeveren
Repo: triggerdotdev/trigger.dev PR: 2417
File: apps/webapp/app/routes/api.v1.projects.$projectRef.envvars.$slug.import.ts:56-61
Timestamp: 2025-08-19T09:49:07.011Z
Learning: In the Trigger.dev codebase, environment variables should default to `isSecret: false` when not explicitly marked as secrets in the syncEnvVars functionality. This is the intended behavior for both regular variables and parent variables.

Applied to files:

• docs/deployment/overview.mdx

📚 Learning: 2025-11-10T09:09:07.399Z

Learnt from: myftija
Repo: triggerdotdev/trigger.dev PR: 2663
File: apps/webapp/app/env.server.ts:1205-1206
Timestamp: 2025-11-10T09:09:07.399Z
Learning: In the trigger.dev webapp, S2_ACCESS_TOKEN and S2_DEPLOYMENT_LOGS_BASIN_NAME environment variables must remain optional until an OSS version of S2 is available, to avoid breaking environments that don't have S2 provisioned.

Applied to files:

• docs/deployment/overview.mdx
• docs/how-it-works.mdx

📚 Learning: 2025-11-27T16:26:58.661Z

Learnt from: CR
Repo: triggerdotdev/trigger.dev PR: 0
File: .cursor/rules/webapp.mdc:0-0
Timestamp: 2025-11-27T16:26:58.661Z
Learning: Applies to apps/webapp/app/**/*.{ts,tsx} : Access all environment variables through the `env` export of `env.server.ts` instead of directly accessing `process.env` in the Trigger.dev webapp

Applied to files:

• docs/deployment/overview.mdx
• docs/how-it-works.mdx

📚 Learning: 2025-06-25T13:20:17.174Z

Learnt from: nicktrn
Repo: triggerdotdev/trigger.dev PR: 2195
File: hosting/k8s/helm/values.yaml:22-51
Timestamp: 2025-06-25T13:20:17.174Z
Learning: In the Trigger.dev Helm chart values.yaml, the maintainer prefers to use explicit comprehensive warnings for security-sensitive default values rather than implementing secure-by-default behavior that would fail installation. The project uses deterministic default secrets with clear "TESTING ONLY" warnings and instructions for production deployment.

Applied to files:

• docs/deployment/overview.mdx

📚 Learning: 2025-11-27T16:27:35.304Z

Learnt from: CR
Repo: triggerdotdev/trigger.dev PR: 0
File: .cursor/rules/writing-tasks.mdc:0-0
Timestamp: 2025-11-27T16:27:35.304Z
Learning: Run `npx trigger.devlatest init` to initialize a Trigger.dev project

Applied to files:

• docs/deployment/overview.mdx
• docs/how-it-works.mdx

📚 Learning: 2025-11-27T16:27:35.304Z

Learnt from: CR
Repo: triggerdotdev/trigger.dev PR: 0
File: .cursor/rules/writing-tasks.mdc:0-0
Timestamp: 2025-11-27T16:27:35.304Z
Learning: Run `npx trigger.devlatest dev` to start the Trigger.dev development server

Applied to files:

• docs/deployment/overview.mdx
• docs/how-it-works.mdx

📚 Learning: 2025-06-25T14:14:11.965Z

Learnt from: nicktrn
Repo: triggerdotdev/trigger.dev PR: 2195
File: hosting/k8s/helm/values-production-example.yaml:95-102
Timestamp: 2025-06-25T14:14:11.965Z
Learning: In the Trigger.dev Helm chart production examples, the maintainer prefers to include initial/bootstrap credentials with clear warnings that they should be changed after first login, rather than requiring external secret references that could complicate initial setup. This follows their pattern of providing working examples with explicit security guidance.

Applied to files:

• docs/deployment/overview.mdx

📚 Learning: 2025-11-27T16:27:35.304Z

Learnt from: CR
Repo: triggerdotdev/trigger.dev PR: 0
File: .cursor/rules/writing-tasks.mdc:0-0
Timestamp: 2025-11-27T16:27:35.304Z
Learning: Applies to **/trigger.config.ts : Use build extensions in trigger.config.ts (additionalFiles, additionalPackages, aptGet, prismaExtension, etc.) to customize the build

Applied to files:

• docs/deployment/overview.mdx

📚 Learning: 2025-11-27T16:27:35.304Z

Learnt from: CR
Repo: triggerdotdev/trigger.dev PR: 0
File: .cursor/rules/writing-tasks.mdc:0-0
Timestamp: 2025-11-27T16:27:35.304Z
Learning: Applies to **/trigger/**/*.{ts,tsx,js,jsx} : Use the `task()` function from `trigger.dev/sdk/v3` to define tasks with id and run properties

Applied to files:

• docs/how-it-works.mdx

📚 Learning: 2025-10-08T11:48:12.327Z

Learnt from: nicktrn
Repo: triggerdotdev/trigger.dev PR: 2593
File: packages/core/src/v3/workers/warmStartClient.ts:168-170
Timestamp: 2025-10-08T11:48:12.327Z
Learning: The trigger.dev runners execute only in Node 21 and 22 environments, so modern Node.js APIs like AbortSignal.any (introduced in v20.3.0) are supported.

Applied to files:

• docs/how-it-works.mdx

📚 Learning: 2025-11-27T16:27:35.304Z

Learnt from: CR
Repo: triggerdotdev/trigger.dev PR: 0
File: .cursor/rules/writing-tasks.mdc:0-0
Timestamp: 2025-11-27T16:27:35.304Z
Learning: Applies to **/trigger/**/*.{ts,tsx,js,jsx} : Use `trigger.dev/sdk/v3` for all imports in Trigger.dev tasks

Applied to files:

• docs/how-it-works.mdx

📚 Learning: 2025-11-27T16:27:35.304Z

Learnt from: CR
Repo: triggerdotdev/trigger.dev PR: 0
File: .cursor/rules/writing-tasks.mdc:0-0
Timestamp: 2025-11-27T16:27:35.304Z
Learning: Applies to **/trigger.config.ts : Configure Trigger.dev project in `trigger.config.ts` using `defineConfig()` with project ref and task directories

Applied to files:

• docs/how-it-works.mdx

📚 Learning: 2025-08-14T10:35:38.344Z

Learnt from: myftija
Repo: triggerdotdev/trigger.dev PR: 2391
File: packages/cli-v3/src/commands/login.ts:99-0
Timestamp: 2025-08-14T10:35:38.344Z
Learning: Organization access tokens (OATs) can be used for CLI deployments via TRIGGER_ACCESS_TOKEN environment variable, functioning similarly to personal access tokens (PATs) for this use case.

Applied to files:

• docs/how-it-works.mdx

📚 Learning: 2025-06-06T16:54:23.316Z

Learnt from: nicktrn
Repo: triggerdotdev/trigger.dev PR: 2155
File: docs/docs.json:179-183
Timestamp: 2025-06-06T16:54:23.316Z
Learning: In the docs.json configuration for the Trigger.dev documentation (Mintlify system), both "tags": ["v4"] and "tag": "v4" properties can be used together and work correctly, even though this behavior is undocumented and may not work in local development environments.

Applied to files:

• docs/how-it-works.mdx

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Analyze (javascript-typescript)

🔇 Additional comments (2)

docs/how-it-works.mdx (1)

433-435: LGTM!

The documentation update clearly specifies the available environment options (prod and staging) and appropriately directs users to preview branches for additional isolated environments. The wording is consistent with the related changes in docs/deployment/overview.mdx.

docs/deployment/overview.mdx (1)

183-183: LGTM!

The update provides clear guidance for users needing additional environments beyond the built-in prod and staging. The wording is consistent with the parallel update in docs/how-it-works.mdx, and the link to the preview branches documentation is valid and properly formatted.

_{✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[vibe-kanban-cloud]

Review Complete

Your review story is ready!

View Story

Comment !reviewfast on this PR to re-generate the story.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@docs/guides/examples/puppeteer.mdx`:
- Around line 153-157: The shared snippet web-scraping-warning.mdx is missing
the sentence "Screenshots are also prohibited when scraping."—update that
snippet to match the local warning in docs/guides/examples/puppeteer.mdx by
adding the exact sentence into the <Warning> block so all pages importing
/snippets/web-scraping-warning.mdx consistently state that screenshots are
prohibited when scraping.

🧹 Nitpick comments (1)

docs/self-hosting/docker.mdx (1)

187-210: LGTM!

The new section clearly documents how to create additional worker groups via the admin API. The instructions for making users admin are consistent with the updated ADMIN_EMAILS description in webapp.mdx.

Consider adding an example of the expected response format (especially showing the token field mentioned in line 209) to help users understand what to look for:

The response includes a `token` field if the worker group is newly created:

\`\`\`json
{
  "id": "...",
  "name": "my-worker",
  "token": "tr_wgt_..."
}
\`\`\`

📜 Review details

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6f26acb and 37a9a31.

📒 Files selected for processing (3)

• docs/guides/examples/puppeteer.mdx
• docs/self-hosting/docker.mdx
• docs/self-hosting/env/webapp.mdx

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Mintlify Deployment

🔇 Additional comments (1)

docs/self-hosting/env/webapp.mdx (1)

145-145: LGTM!

The clarification that ADMIN_EMAILS only applies at signup and does not affect existing users is helpful. This aligns well with the new documentation in docker.mdx that explains existing users must be promoted via the database.

_{✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.}

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check if the shared ScrapingWarning snippet also includes the screenshot prohibition
fd -t f "web-scraping-warning.mdx" --exec cat {}

Repository: triggerdotdev/trigger.dev

Length of output: 437

---

Update the shared warning snippet for consistency.

The local warning block at lines 153-157 correctly includes "Screenshots are also prohibited when scraping." However, the shared snippet at /snippets/web-scraping-warning.mdx does not contain this policy. Update the shared snippet to include the screenshot prohibition so the policy is communicated consistently across all pages that import it.

🤖 Prompt for AI Agents

In `@docs/guides/examples/puppeteer.mdx` around lines 153 - 157, The shared
snippet web-scraping-warning.mdx is missing the sentence "Screenshots are also
prohibited when scraping."—update that snippet to match the local warning in
docs/guides/examples/puppeteer.mdx by adding the exact sentence into the
<Warning> block so all pages importing /snippets/web-scraping-warning.mdx
consistently state that screenshots are prohibited when scraping.