wirabasalamah/BizOne-portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9864d3f0333b2d3d104c353818e001857c259d28
BizOne-portal/PRODUCTION_CHECKLIST.md

4.7 KiB
Raw Blame History

Production Checklist

Checklist ini dipakai untuk menilai apakah bizone-web sudah layak masuk staging dan production.

Status yang dipakai:

  • [x] sudah siap
  • [~] sebagian / perlu verifikasi lanjutan
  • [ ] belum siap

Critical Before Go-Live

  • Meta webhook handshake diuji dengan callback URL publik https
  • Meta outbound send diuji dengan accessToken dan phoneNumberId nyata
  • Meta status callback (sent, delivered, read, failed) diverifikasi masuk ke sistem
  • Permission audit selesai untuk role admin, editor, dan agent
  • Secrets production dipindah ke env/secret manager nyata
  • Backup database dan restore drill dibuktikan
  • Staging environment tersedia dan menyerupai production
  • CI/CD deploy flow menjalankan build, migrate, dan smoke test
  • Monitoring dan alerting aktif untuk backend, DB, Redis, webhook, dan queue
  • Full smoke test lintas auth, templates, campaigns, conversations, webhook, dan settings selesai

Auth And Security

  • Login flow aktif
  • Refresh token + logout invalidation aktif
  • Redis rate limiting untuk login flow aktif
  • Forgot password flow aktif
  • Reset password flow aktif
  • 2FA + recovery codes aktif
  • [~] Security notification emails sudah diimplementasikan, belum diuji SMTP end-to-end
  • [~] Session management baru single-session
  • Multi-device session history
  • Revoke session per device
  • Security event review workflow / alert dashboard

Users, Roles, Permissions

  • Role CRUD tersedia
  • Permission guard backend untuk templates, campaigns, users, roles
  • [~] Fallback permission matrix tersedia untuk admin, editor, agent
  • Audit semua route sensitif lain di backend
  • Role-based test cases untuk editor dan agent
  • Frontend permission-aware UX yang konsisten

Templates

  • Model database message_templates
  • Migrasi template aktif
  • Template list live dari backend
  • Template builder create/edit live
  • Search/filter template dasar
  • Delete/archive template
  • Versioning template
  • Approval sync dengan Meta
  • Reject reason sync dari Meta

Campaigns

  • Campaign CRUD internal tersedia
  • Campaign create/update memvalidasi template live
  • Queue scheduling dasar tersedia
  • [~] Campaign delivery/reporting masih dominan internal
  • Campaign form memakai dropdown/source template live
  • Audience resolution yang matang
  • Deduplication tervalidasi
  • Retry policy diaudit end-to-end
  • Delivery tracking real dari Meta diuji live

Conversations

  • Conversation list/detail live
  • Reply tersimpan ke DB
  • Inbound webhook sync ke inbox
  • Assignment dasar tersedia
  • Unread/read flow dasar tersedia
  • [~] Outbound provider path sudah ada, belum diuji ke Meta real
  • Internal notes
  • Rich agent tooling / SLA / escalation flow

Webhook And Integrations

  • WhatsApp integration settings tersedia
  • Verify token flow tersedia
  • Signature validation path tersedia
  • Webhook retry/replay dasar tersedia
  • Callback URL production target sudah ditetapkan: https://portal.bizone.id/api/webhooks/whatsapp
  • Health check production target sudah ditetapkan: https://portal.bizone.id/api/health
  • Provider real test terhadap Meta
  • Failure handling terhadap response Meta nyata tervalidasi
  • Webhook observability yang lebih matang

Infra And Ops

  • Env validation production dasar tersedia
  • HTTPS constraints production dasar tersedia
  • CORS production config dasar tersedia
  • Artefak deploy Debian 12 tersedia di deploy/debian12
  • Staging deployment final
  • Reverse proxy/domain setup final
  • Backup/restore SOP terdokumentasi
  • Log aggregation / error tracking
  • Queue monitoring dashboard matang
  • Incident runbook

Build And Release

  • Backend build sukses
  • Frontend build sukses
  • Prisma migration flow aktif
  • Legacy baseline script tersedia
  • Automated deploy pipeline final
  • Post-deploy smoke checks terdokumentasi
  • Rollback strategy terdokumentasi

Recommended Order

  1. Siapkan staging.
  2. Sambungkan dan uji Meta end-to-end.
  3. Audit permissions untuk semua role.
  4. Lengkapi campaign UI agar memakai template live.
  5. Pasang monitoring, backup, dan CI/CD.
  6. Jalankan full smoke test.
  7. Baru deploy production.

Production Targets

  • App URL: https://portal.bizone.id
  • API base URL: https://portal.bizone.id/api
  • Health check: https://portal.bizone.id/api/health
  • Meta callback URL: https://portal.bizone.id/api/webhooks/whatsapp
  • Meta verify token source: env WEBHOOK_VERIFY_TOKEN
  • Alternate provider webhook URL: https://portal.bizone.id/api/webhooks/whatsapp/meta