diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 3453d6915d..ea8d061887 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -11,6 +11,11 @@ on:
 paths:
 - '**/*.js'
 - '.github/workflows/codeql.yml'
+ # This is so that when CodeQL runs on a pull request, it can compare
+ # against the state of the base branch.
+ push:
+ branches:
+ - main
 
 permissions:
 actions: read
@@ -33,3 +38,9 @@ jobs:
 languages: javascript # comma separated list of values from {go, python, javascript, java, cpp, csharp, ruby}
 - uses: github/codeql-action/analyze@32dc499307d133bb5085bae78498c0ac2cf762d5
 continue-on-error: true
+
+ - uses: ./.github/actions/slack-alert
+ if: ${{ failure() && github.event_name != 'pull_request' }}
+ with:
+ slack_channel_id: ${{ secrets.DOCS_ALERTS_SLACK_CHANNEL_ID }}
+ slack_token: ${{ secrets.SLACK_DOCS_BOT_TOKEN }}
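Review bot: The comment above the new `push:` trigger says why the trigger exists but not why it has no `paths` filter, unlike the trigger whose `paths` list ends just above it. A later maintainer could add the same filter to save CI time, and pushes to main that touch no JavaScript might then leave pull requests without an analysis to compare against. I would extend the comment with `# Deliberately no paths filter: every commit on main needs an analysis to serve as the baseline.` The `on:` block starts outside the hunk, so which event owns the `paths` list is inferred.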
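Review bot: The new Slack alert step will not fire when the analyze step itself fails, because that step keeps `continue-on-error: true` and `failure()` only reports steps that failed the job. A broken scan on main would stay silent, which is presumably the case this alert is meant to catch. Either drop `continue-on-error` from the analyze step, or give it `id: analyze` and widen the condition to `if: ${{ (failure() || steps.analyze.outcome == 'failure') && github.event_name != 'pull_request' }}`. The job's earlier steps are outside the hunk, so whether they also set `continue-on-error` cannot be checked here.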