Automate rolling back a publish that breaks CI

Hi, we’re using Contentful webhooks to trigger builds for a complex website, and we’re using previews to look at individual pages, but sometimes subtle changes by another team (which are intended to be published; we don’t want them to always have to go through us) can cause problems with the build, which blocks production deploys.

What’s a good way to roll back changes contingent on whether a build succeeds or fails? One idea I had was doing a scheduled publish, and when everything is cleared, move the schedule up, otherwise delete it. But this seems a bit ungainly. Is there a better way?