Qris-Soundbox/DEPLOYMENT_READINESS.md


Deployment Readiness

Production Preflight

Run these checks before deploying a production candidate:

npm run typecheck
npm run db:migrate
npm audit
npm run smoke:e2e
npm run deploy:check-env
npm run mqtt:check-acl -- --file /etc/mosquitto/acl

Run npm run smoke:mqtt-real separately, once the Mosquitto ACL, backend credential, and broker networking are ready. Run npm run smoke:mqtt-acl with two provisioned device credentials before the hardware pilot.

Required Production Controls

  • Create production admin users with npm run admin:create-user -- --email <email> --name <name> --role <role> --password <strong-password>.
  • Create merchant portal users with npm run merchant:create-user -- --merchant <merchant-id-or-code> --email <email> --name <name> --role <role> --password <strong-password>.
  • Set ADMIN_DEV_LOGIN_ENABLED=false.
  • Set ADMIN_AUTH_ALLOW_LEGACY_TOKEN=false after admin users and roles are configured.
  • Set MERCHANT_DEV_LOGIN_ENABLED=false.
  • Set MERCHANT_AUTH_ALLOW_LEGACY_TOKEN=false after merchant portal users are configured.
  • Set DEVICE_AUTH_ALLOW_LEGACY_TOKEN=false after all devices use per-device credentials.
  • Set ADMIN_SESSION_SECRET, INTEGRATION_WEBHOOK_SECRET, MQTT_PASSWORD, and database credentials to strong non-default values.
  • Set MQTT_PUBLISH_MODE=broker.
  • Set MQTT_SUBSCRIBE_ENABLED=true when broker uplink observability is needed.
  • Keep EXPORT_WORKER_ENABLED=true for async export processing, or run a dedicated app instance with the worker enabled.
  • Set EXPORT_STORAGE_DIR to a backed-up writable directory and set EXPORT_RETENTION_DAYS according to finance retention needs.
  • Use an absolute EXPORT_STORAGE_DIR; see EXPORT_STORAGE_READINESS.md for single-node vs multi-node notes.
  • Keep RATE_LIMIT_ENABLED=true and tune rate limit env values for expected pilot traffic.
  • Set TRUST_PROXY=true when behind a reverse proxy/load balancer.
  • Set JSON_BODY_LIMIT to the smallest practical request body limit.
  • Set SETTLEMENT_ADJUSTMENT_REQUIRE_APPROVAL=true for finance approval control.
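
The fixed-value controls in the list above can be checked mechanically against an env file before deploy. This is an added example, not the project's deploy:check-env script; the function names, the 24-character minimum, the placeholder pattern and the sample values are assumptions made for illustration.

```javascript
// Added example; not the project's deploy:check-env script.
// Exact values the checklist requires in production.
const REQUIRED = {
  ADMIN_DEV_LOGIN_ENABLED: "false", ADMIN_AUTH_ALLOW_LEGACY_TOKEN: "false",
  MERCHANT_DEV_LOGIN_ENABLED: "false", MERCHANT_AUTH_ALLOW_LEGACY_TOKEN: "false",
  DEVICE_AUTH_ALLOW_LEGACY_TOKEN: "false", MQTT_PUBLISH_MODE: "broker",
  RATE_LIMIT_ENABLED: "true", SETTLEMENT_ADJUSTMENT_REQUIRE_APPROVAL: "true",
};
const SECRETS = ["ADMIN_SESSION_SECRET", "INTEGRATION_WEBHOOK_SECRET", "MQTT_PASSWORD"];
// Assumptions: the length floor and placeholder pattern are illustrative heuristics.
const MIN_SECRET_LENGTH = 24;
const PLACEHOLDER = /^(change-?me|secret|password|default|admin|test|example)/i;
// Parse KEY=VALUE lines; skip blanks and # comments, strip one pair of quotes.
function parseEnv(text) {
  const env = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    const eq = line.indexOf("=");
    if (!line || line.startsWith("#") || eq < 1) continue;
    env[line.slice(0, eq).trim()] = line.slice(eq + 1).trim().replace(/^(["'])(.*)\1$/, "$2");
  }
  return env;
}

// Return one finding per control that is unset or deviates. Secret values are never echoed.
function checkEnv(text) {
  const env = parseEnv(text);
  const findings = [];
  for (const [key, want] of Object.entries(REQUIRED)) {
    // Unset counts as a finding: the application's default is not known here.
    const got = env[key] ?? "<unset>";
    if (got.toLowerCase() !== want) findings.push(`${key}: expected ${want}, got ${got}`);
  }
  for (const key of SECRETS) {
    const value = env[key] ?? "";
    if (value.length < MIN_SECRET_LENGTH || PLACEHOLDER.test(value)) findings.push(`${key}: unset, short, or placeholder`);
  }
  // Assumes a POSIX host, where an absolute path starts with "/".
  if (!(env.EXPORT_STORAGE_DIR ?? "").startsWith("/")) findings.push("EXPORT_STORAGE_DIR: not an absolute path");
  return findings;
}
// Constructed sample input, not taken from a real deployment.
const SAMPLE_ENV = [
  "# constructed", "ADMIN_DEV_LOGIN_ENABLED=false", "ADMIN_AUTH_ALLOW_LEGACY_TOKEN=true",
  "MERCHANT_DEV_LOGIN_ENABLED=false", "MERCHANT_AUTH_ALLOW_LEGACY_TOKEN=false",
  "MQTT_PUBLISH_MODE=broker", "RATE_LIMIT_ENABLED=true", "ADMIN_SESSION_SECRET=changeme",
  'MQTT_PASSWORD="constructed-sample-value-0123456789"', "EXPORT_STORAGE_DIR=./exports",
].join("\n");
console.log(checkEnv(SAMPLE_ENV).join("\n"));
```

Conditional settings such as TRUST_PROXY and MQTT_SUBSCRIBE_ENABLED are left out because the checklist makes them depend on the deployment topology.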

Operational Checks

  • Confirm /health, /admin/health, and /admin/mqtt/status.
  • Confirm /health/deep and /admin/health/deep for DB/MQTT readiness.
  • Confirm /admin/observability/summary for notification failure, settlement mismatch, DB, and MQTT summary.
  • Confirm async export worker status in /admin/observability/summary.
  • Confirm async export job flow with POST /admin/exports/settlement-adjustments, polling GET /admin/exports/:jobId, and download.
  • Confirm export files are written under EXPORT_STORAGE_DIR and expire after retention.
  • Run npm run backup:production -- --dry-run and one real backup before pilot.
  • Run npm run restore:plan -- --backup <dump> and perform a restore drill on a disposable database.
  • After the restore drill, run npm run restore:validate against the restored service.
  • Run the staging load profile with npm run load:test:staging against a production-like environment.
  • Run npm run ui:qa.
  • Set LOG_FORMAT=json and ship stdout/stderr to the production log collector.
  • Confirm Postgres backup/restore procedure and retention.
  • Confirm Mosquitto password file and ACL are backed up.
  • Confirm logs include request_id for admin, device, and integration paths.
  • Confirm settlement CSV export format with the target bank/payment rail before live payout operations.
  • Keep OPERATIONAL_RUNBOOK.md and PILOT_EXECUTION_CHECKLIST.md available to the operator on duty.