Skip to main content

Go-Live Validation

Use this checklist to validate a production deployment before signing off.
This is the canonical checklist. Run through it after every production deployment.

Pre-Deploy

pnpm install
pnpm migrate
pnpm check   # Must pass: lint + typecheck + tests + build
Verify Railway services are healthy (worker + both cron services) with no startup errors in logs.

Security Gates

Ownership Claim

From your Telegram account: 
/start
/claim <OWNER_CLAIM_CODE>
Claim succeeds once
Second claim attempt fails

Whitelist Enforcement

From a different Telegram account: 
/start
hello
Unauthorized account is silently ignored

Integrations

Connect

/integrations
/integrations weather San Francisco, CA
/integrations connect calendar
/integrations connect gmail
Complete browser OAuth for calendar and gmail. 
/integrations
Weather shows configured location
Calendar shows connected
Gmail shows connected

Disconnect

/integrations disconnect calendar
/integrations disconnect gmail
/integrations
Both show disconnected
Follow-up reads fail gracefully
Reconnect before continuing: 
/integrations connect calendar
/integrations connect gmail

Read Paths

What's on my calendar tomorrow?
Any important emails?
What's the weather tomorrow?
Calendar returns events or “no events” message
Gmail returns summary
Weather returns forecast

Write Path + Confirmation

Happy path

Schedule dentist appointment tomorrow 2pm for 60 minutes
Bot proposes action with confirmation code
YES <code_from_bot>
Event created confirmation
Event appears in subsequent calendar query

Wrong code

Schedule haircut Friday 4pm

YES 000000
Confirmation mismatch error

Cancellation

Schedule meeting Monday 3pm
NO
Action canceled, no event created

Heartbeats

/heartbeats morning on
/heartbeats weekly on
/heartbeats
Both jobs show enabled with schedule
Check cron service logs for one execution cycle:
Logs show sent, skippedNotDue, or skippedDuplicate (not failed)
No duplicate sends

Failure Handling

  1. Temporarily break OPENWEATHER_API_KEY in Railway
  2. Ask: “What’s the weather?”
  3. Restore the key
Graceful error response (no crash)
Normal behavior returns after restore

Sign-Off

All must be true before marking deployment complete:
  • pnpm check passed on release commit
  • Ownership claim: works once, replay fails
  • Unauthorized users blocked
  • OAuth connect/disconnect works
  • Write confirmation gate works (correct code, wrong code, cancel)
  • Read paths work (calendar, gmail, weather)
  • Heartbeats fire only when due, no duplicates
  • No critical errors in logs during test window