Pre-Go-Live Checklist
A list a deployer can tick through before opening the firewall. No hidden mandatory broker, no required cluster coordination, no per-deployment licensing dance — one binary, one config, one data directory.
Checklist
- Service account configured with the right network access (SFTP, SQL, mail — whatever the flows need).
- Storage backend chosen, credentialed, and writable from the service account.
- TLS terminating at the edge; ForwardedHeaders middleware configured with the proxy’s CIDR.
- Local overlay off — LocalOverlay.Enabled: false; /api/v1/local/... rejected at the edge.
- Auth wired up — Auth.Enabled: true; OIDC / LDAP / Windows credentials verified.
- Secrets provider chosen and seeded; encryption key sourced (env var, file, or password).
- Backups scheduled and a restore exercise tested. Not optional.
- Monitoring scrapes /api/v1/platform/diagnostics; alert on 503 for more than 60 seconds.
- Audit log shipped to the customer’s SIEM.
- Swagger disabled — EnableSwagger: false.
- Rollback runbook for “binary rollback” written and rehearsed.
The four that catch sites out
If you’re short on time, these are the items that most often turn into a 2 a.m. incident:
- Untested restore. A backup you’ve never restored is a hope, not a backup. Rehearse it on a non-prod host.
- Encryption key not backed up separately. Lose the key and secrets.enc is unrecoverable.
- ForwardedHeaders not trusting the proxy CIDR. Every audit-log entry records the proxy’s IP instead of the real client.
- Swagger left enabled. It exposes the full API surface to anyone who can reach the port.
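
Why the ForwardedHeaders item changes what the audit log records, as an added example (not the product's middleware and not code from this page): a sketch of the usual trusted-proxy resolution of a forwarding header. It assumes the edge proxy sets X-Forwarded-For; the function name resolve_client_ip and all addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample values (documentation address ranges), not from any deployment.
PROXY_CIDR = "10.0.0.0/24"      # where the edge proxy lives
PROXY_IP = "10.0.0.5"           # TCP peer the service actually sees
REAL_CLIENT = "203.0.113.7"     # address the proxy saw and appended


def resolve_client_ip(peer_ip, x_forwarded_for, trusted_cidrs):
    """Return the address an audit log should record for one request.

    peer_ip:         source address of the connection the service accepted
    x_forwarded_for: raw X-Forwarded-For header value, or None
    trusted_cidrs:   networks whose forwarding headers are believed
    """
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]

    def is_trusted(addr):
        return any(addr in net for net in trusted)

    current = ipaddress.ip_address(peer_ip)
    hops = [h.strip() for h in (x_forwarded_for or "").split(",") if h.strip()]
    # Walk right to left: each entry was appended by the hop to its right,
    # so an entry is only believed if the hop that reported it is trusted.
    for hop in reversed(hops):
        if not is_trusted(current):
            break
        try:
            current = ipaddress.ip_address(hop)
        except ValueError:
            break  # malformed entry: keep the last address that was vouched for
    return str(current)


if __name__ == "__main__":
    header = REAL_CLIENT
    # Proxy CIDR not trusted: the header is ignored, the log shows the proxy.
    print("untrusted proxy :", resolve_client_ip(PROXY_IP, header, []))
    # Proxy CIDR trusted: the log shows the real client.
    print("trusted proxy   :", resolve_client_ip(PROXY_IP, header, [PROXY_CIDR]))
    # A client-supplied entry to the left of the proxy's own is not believed.
    forged = "198.51.100.9, " + REAL_CLIENT
    print("forged left hop :", resolve_client_ip(PROXY_IP, forged, [PROXY_CIDR]))
    # Trusting everything makes the forged entry win, so scope trust to the proxy.
    print("trust 0.0.0.0/0 :", resolve_client_ip(PROXY_IP, forged, ["0.0.0.0/0"]))
```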
Related
- Backups & Restore — the restore exercise above.
- Security Review — the buyer’s security checklist.
- Upgrades & Rollback — the runbook.