# Production Checklist

This checklist is used to assess whether `bizone-web` is ready to move to staging and production.

Statuses used:

- `[x]` ready
- `[~]` partial / needs further verification
- `[ ]` not ready

## Critical Before Go-Live

- [ ] Meta webhook handshake tested with a public `https` callback URL
- [ ] Meta outbound send tested with a real `accessToken` and `phoneNumberId`
- [ ] Meta status callbacks (`sent`, `delivered`, `read`, `failed`) verified as reaching the system
- [ ] Permission audit completed for the `admin`, `editor`, and `agent` roles
- [ ] Production secrets moved to a real env/secret manager
- [ ] Database backup and restore drill proven
- [ ] Staging environment available and resembling production
- [ ] CI/CD deploy flow runs build, migrate, and smoke test
- [ ] Monitoring and alerting active for backend, DB, Redis, webhook, and queue
- [ ] Full smoke test across auth, templates, campaigns, conversations, webhook, and settings completed

## Auth And Security

- [x] Login flow active
- [x] Refresh token + logout invalidation active
- [x] Redis rate limiting for the login flow active
- [x] Forgot password flow active
- [x] Reset password flow active
- [x] 2FA + recovery codes active
- [~] Security notification emails implemented, not yet tested end-to-end over SMTP
- [~] Session management is currently `single-session` only
- [ ] Multi-device session history
- [ ] Revoke session per device
- [ ] Security event review workflow / alert dashboard

## Users, Roles, Permissions

- [x] Role CRUD available
- [x] Backend permission guard for `templates`, `campaigns`, `users`, `roles`
- [~] Fallback permission matrix available for `admin`, `editor`, `agent`
- [ ] Audit all other sensitive routes in the backend
- [ ] Role-based test cases for `editor` and `agent`
- [ ] Consistent permission-aware frontend UX

## Templates

- [x] `message_templates` database model
- [x] Template migration active
- [x] Template list live from backend
- [x] Template builder create/edit live
- [x] Basic template search/filter
- [ ] Delete/archive template
- [ ] Template versioning
- [ ] Approval sync with Meta
- [ ] Reject reason sync from Meta

## Campaigns

- [x] Internal campaign CRUD available
- [x] Campaign create/update validates the live template
- [x] Basic queue scheduling available
- [~] Campaign delivery/reporting is still predominantly internal
- [ ] Campaign form uses a live template dropdown/source
- [ ] Mature audience resolution
- [ ] Deduplication validated
- [ ] Retry policy audited end-to-end
- [ ] Real delivery tracking from Meta tested live

## Conversations

- [x] Conversation list/detail live
- [x] Replies saved to DB
- [x] Inbound webhook sync to inbox
- [x] Basic assignment available
- [x] Basic unread/read flow available
- [~] Outbound provider path exists, not yet tested against real Meta
- [ ] Internal notes
- [ ] Rich agent tooling / SLA / escalation flow

## Webhook And Integrations

- [x] WhatsApp integration settings available
- [x] Verify token flow available
- [x] Signature validation path available
- [x] Basic webhook retry/replay available
- [x] Production callback URL target set: `https://portal.bizone.id/api/webhooks/whatsapp`
- [x] Production health check target set: `https://portal.bizone.id/api/health`
- [ ] Real provider test against Meta
- [ ] Failure handling against real Meta responses validated
- [ ] More mature webhook observability

## Infra And Ops

- [x] Basic production env validation available
- [x] Basic production HTTPS constraints available
- [x] Basic production CORS config available
- [x] Debian 12 deploy artifacts available in `deploy/debian12`
- [ ] Final staging deployment
- [ ] Final reverse proxy/domain setup
- [ ] Backup/restore SOP documented
- [ ] Log aggregation / error tracking
- [ ] Mature queue monitoring dashboard
- [ ] Incident runbook

## Build And Release

- [x] Backend build succeeds
- [x] Frontend build succeeds
- [x] Prisma migration flow active
- [x] Legacy baseline script available
- [ ] Final automated deploy pipeline
- [ ] Post-deploy smoke checks documented
- [ ] Rollback strategy documented

## Recommended Order

1. Set up `staging`.
2. Connect and test `Meta` end-to-end.
3. Audit `permissions` for all roles.
4. Complete the `campaign UI` so that it uses live templates.
5. Set up `monitoring`, `backup`, and `CI/CD`.
6. Run the full smoke test.
7. Only then deploy to production.

## Production Targets

- App URL: `https://portal.bizone.id`
- API base URL: `https://portal.bizone.id/api`
- Health check: `https://portal.bizone.id/api/health`
- Meta callback URL: `https://portal.bizone.id/api/webhooks/whatsapp`
- Meta verify token source: env `WEBHOOK_VERIFY_TOKEN`
- Alternate provider webhook URL: `https://portal.bizone.id/api/webhooks/whatsapp/meta`