| name | deployment-checker |
| description | Pre-deployment validation checklist and automated readiness assessment. |
Deployment Checker Skill
Pre-deployment validation checklist and automated readiness assessment.
Instructions
You are a deployment readiness expert. When invoked:
Pre-Deployment Validation:
- Code quality checks passed
- All tests passing
- Build successful
- Dependencies updated and secure
- Environment variables configured
- Database migrations ready
Security Checks:
- No secrets in code
- Security headers configured
- Authentication/authorization tested
- Input validation implemented
- HTTPS enabled
- Rate limiting configured
Performance Validation:
- Load testing completed
- Resource limits configured
- Caching strategies implemented
- Database indexes optimized
- CDN configured (if applicable)
Infrastructure Checks:
- Health checks configured
- Monitoring and alerting set up
- Logging configured
- Backup strategy in place
- Rollback plan documented
- DNS and SSL configured
Generate Checklist: Create deployment-ready report with go/no-go decision
Deployment Checklist
Pre-Deployment (Before Release)
Code Quality
- All tests passing (unit, integration, e2e)
- Code review completed and approved
- Linting passed (no warnings)
- Code coverage meets threshold (>80%)
- No known critical bugs
- Breaking changes documented
- API contracts validated
Build & Dependencies
- Build successful in CI/CD
- Dependencies updated
- Security vulnerabilities resolved
- Bundle size within acceptable limits
- Source maps generated (if applicable)
- Docker images built and pushed
Database
- Migrations tested in staging
- Migration rollback plan ready
- Backup created before migration
- Database indexes optimized
- Data validation scripts run
- Connection pool configured
Environment Configuration
- Environment variables documented
- Secrets stored securely (not in code)
- Feature flags configured
- CORS settings verified
- API keys rotated (if needed)
- Third-party services configured
Security
- Authentication tested
- Authorization rules verified
- Input validation implemented
- SQL injection prevention verified
- XSS prevention implemented
- CSRF tokens configured
- Security headers set
- Rate limiting enabled
- HTTPS enforced
- Secrets manager configured
Performance
- Load testing completed
- Performance benchmarks met
- Database query optimization done
- Caching strategy implemented
- CDN configured (if applicable)
- Resource limits set
- Auto-scaling configured
Deployment (During Release)
Infrastructure
- Health check endpoints working
- Monitoring dashboards ready
- Alerting configured
- Logging centralized
- Error tracking enabled (Sentry, etc.)
- Backup strategy verified
- SSL certificates valid
- DNS records updated
- Load balancer configured
Deployment Strategy
- Deployment method chosen (blue-green, canary, rolling)
- Rollback plan documented
- Database migration strategy defined
- Downtime window communicated (if any)
- Deployment runbook prepared
- Staging deployment successful
Communication
- Stakeholders notified
- Change log prepared
- Documentation updated
- Support team briefed
- Maintenance window scheduled (if needed)
- Status page updated
Post-Deployment (After Release)
Validation
- Smoke tests passed
- Health checks green
- Error rates normal
- Response times acceptable
- Database migrations completed
- Feature flags validated
Monitoring
- Application logs reviewed
- Error tracking checked
- Performance metrics reviewed
- User feedback monitored
- Resource usage normal
- Alerts configured and tested
Documentation
- Release notes published
- API documentation updated
- Known issues documented
- Rollback procedure tested
- Incident response plan ready
Usage Examples
@deployment-checker
@deployment-checker --environment production
@deployment-checker --checklist
@deployment-checker --automated
@deployment-checker --report
Automated Checks Script
Node.js Example
// deployment-check.js
const chalk = require('chalk');
class DeploymentChecker {
constructor() {
this.checks = [];
this.passed = 0;
this.failed = 0;
}
async runChecks() {
console.log(chalk.bold('\nš Deployment Readiness Check\n'));
await this.checkTests();
await this.checkBuild();
await this.checkDependencies();
await this.checkEnvironment();
await this.checkSecurity();
await this.checkDatabase();
this.printSummary();
return this.failed === 0;
}
async checkTests() {
console.log(chalk.blue('š Running Tests...'));
try {
await this.exec('npm test');
this.pass('All tests passing');
} catch (error) {
this.fail('Tests failed', error.message);
}
}
async checkBuild() {
console.log(chalk.blue('\nšØ Building Application...'));
try {
await this.exec('npm run build');
this.pass('Build successful');
} catch (error) {
this.fail('Build failed', error.message);
}
}
async checkDependencies() {
console.log(chalk.blue('\nš¦ Checking Dependencies...'));
try {
const result = await this.exec('npm audit --audit-level=high');
if (result.includes('0 vulnerabilities')) {
this.pass('No high/critical vulnerabilities');
} else {
this.fail('Security vulnerabilities found');
}
} catch (error) {
this.fail('Dependency check failed', error.message);
}
}
async checkEnvironment() {
console.log(chalk.blue('\nš Checking Environment...'));
const required = [
'DATABASE_URL',
'JWT_SECRET',
'API_KEY',
'REDIS_URL'
];
for (const envVar of required) {
if (process.env[envVar]) {
this.pass(`${envVar} is set`);
} else {
this.fail(`${envVar} is missing`);
}
}
}
async checkSecurity() {
console.log(chalk.blue('\nš Security Checks...'));
// Check for secrets in code
try {
const result = await this.exec('git secrets --scan');
this.pass('No secrets found in code');
} catch (error) {
this.fail('Secrets detected in code');
}
// Check HTTPS
if (process.env.FORCE_HTTPS === 'true') {
this.pass('HTTPS enforced');
} else {
this.fail('HTTPS not enforced');
}
}
async checkDatabase() {
console.log(chalk.blue('\nš¾ Database Checks...'));
// Check migrations are up to date
try {
await this.exec('npm run db:check-migrations');
this.pass('Database migrations ready');
} catch (error) {
this.fail('Database migration issues');
}
}
pass(message) {
console.log(chalk.green(` ā ${message}`));
this.passed++;
}
fail(message, details = '') {
console.log(chalk.red(` ā ${message}`));
if (details) {
console.log(chalk.gray(` ${details}`));
}
this.failed++;
}
printSummary() {
console.log(chalk.bold('\nš Summary\n'));
console.log(chalk.green(` Passed: ${this.passed}`));
console.log(chalk.red(` Failed: ${this.failed}`));
if (this.failed === 0) {
console.log(chalk.green.bold('\nā
READY FOR DEPLOYMENT\n'));
} else {
console.log(chalk.red.bold('\nā NOT READY FOR DEPLOYMENT\n'));
process.exit(1);
}
}
async exec(command) {
const { execSync } = require('child_process');
return execSync(command, { encoding: 'utf8' });
}
}
// Run checks
const checker = new DeploymentChecker();
checker.runChecks();
Deployment Report Template
# Deployment Readiness Report
**Environment**: Production
**Date**: 2024-01-15
**Version**: v2.3.0
**Release Manager**: @username
---
## Overall Status
š¢ **READY FOR DEPLOYMENT**
**Score**: 95/100
- ā
Critical checks: 10/10
- ā
High priority: 18/20
- ā ļø Medium priority: 28/30
- ā
Low priority: 39/40
---
## Critical Checks (10/10) ā
- ā
All tests passing (1,234 tests, 0 failures)
- ā
Build successful
- ā
No critical vulnerabilities
- ā
Database migrations tested
- ā
Environment variables configured
- ā
HTTPS enabled
- ā
Health checks working
- ā
Rollback plan documented
- ā
Monitoring configured
- ā
Staging deployment successful
---
## High Priority (18/20) ā
- ā
Code review approved
- ā
Security scan passed
- ā
Performance benchmarks met
- ā
Load testing completed
- ā
Error tracking enabled
- ā
Rate limiting configured
- ā
Backup strategy verified
- ā
SSL certificates valid
- ā ļø API documentation needs update (2 endpoints)
- ā ļø Cache warming script not tested
---
## Medium Priority (28/30) ā ļø
- ā
Linting passed
- ā
Code coverage: 87% (target: 80%)
- ā
Bundle size: 245KB (within limit)
- ā ļø Minor performance issue in search endpoint
- ā ļø 1 TODO comment in critical path
---
## Test Results
**Unit Tests**: ā
856 passed, 0 failed
**Integration Tests**: ā
234 passed, 0 failed
**E2E Tests**: ā
144 passed, 0 failed
**Total**: 1,234 tests in 2m 34s
**Coverage**:
- Statements: 87.4%
- Branches: 82.1%
- Functions: 89.3%
- Lines: 86.8%
---
## Security Scan Results
**Dependencies**: ā
No critical/high vulnerabilities
**Secrets Scan**: ā
No secrets detected
**HTTPS**: ā
Enforced
**Security Headers**: ā
Configured
- X-Frame-Options: DENY
- X-Content-Type-Options: nosniff
- Strict-Transport-Security: max-age=31536000
**Authentication**: ā
Tested
**Rate Limiting**: ā
100 req/15min per IP
---
## Performance Metrics
**Load Test Results** (10,000 concurrent users):
- Average Response Time: 234ms ā
(target: <500ms)
- P95 Response Time: 456ms ā
(target: <1s)
- P99 Response Time: 789ms ā
(target: <2s)
- Error Rate: 0.02% ā
(target: <0.1%)
- Throughput: 12,345 req/s ā
**Database**:
- Query Response Time: <50ms ā
- Connection Pool: Configured (min: 5, max: 50) ā
- Indexes: Optimized ā
---
## Infrastructure Status
**Health Checks**: ā
All passing
- /health: 200 OK (5ms)
- /ready: 200 OK (8ms)
- Database: Connected
- Redis: Connected
- External APIs: Reachable
**Monitoring**: ā
Configured
- Application metrics: Datadog
- Error tracking: Sentry
- Logging: CloudWatch
- Uptime monitoring: Pingdom
**Alerts Configured**:
- Error rate > 1%
- Response time P95 > 1s
- CPU > 80%
- Memory > 85%
- Database connections > 45
---
## Database Migrations
**Status**: ā
Ready
Migrations to apply:
1. `20240115_add_user_preferences` - Tested ā
2. `20240115_create_notifications_table` - Tested ā
**Rollback Plan**: ā
Documented
**Backup**: ā
Created (15GB, 2024-01-15 10:00 UTC)
---
## Deployment Plan
**Strategy**: Blue-Green Deployment
**Estimated Duration**: 15 minutes
**Downtime**: None
**Rollback Time**: 2 minutes
**Steps**:
1. Deploy to green environment
2. Run smoke tests
3. Switch 10% traffic to green
4. Monitor for 10 minutes
5. Switch 50% traffic to green
6. Monitor for 10 minutes
7. Switch 100% traffic to green
8. Keep blue environment for 24h (quick rollback)
---
## Action Items Before Deployment
### Must Fix (Blockers)
- None ā
### Should Fix (Recommended)
- ā ļø Update API documentation for new endpoints
- ā ļø Test cache warming script
### Nice to Have
- Consider adding more E2E tests for edge cases
- Update changelog with latest changes
---
## Risk Assessment
**Overall Risk**: š¢ Low
**Identified Risks**:
1. **Database Migration** (Low Risk)
- Mitigation: Tested in staging, rollback plan ready
2. **Traffic Spike** (Low Risk)
- Mitigation: Load tested, auto-scaling configured
3. **Third-Party API** (Medium Risk)
- Mitigation: Circuit breaker implemented, fallback configured
---
## Rollback Plan
**Trigger Conditions**:
- Error rate > 5%
- Response time P95 > 2s
- Critical functionality broken
**Rollback Steps**:
1. Switch traffic back to blue environment (30 seconds)
2. Investigate issue
3. Fix and redeploy
**Data Rollback**:
- Database backup available (15 minutes to restore)
- Migration rollback scripts tested
---
## Communication Plan
**Notifications Sent**:
- ā
Engineering team
- ā
Product team
- ā
Support team
- ā
Stakeholders
**Status Page**: Updated
**Changelog**: Ready to publish
**Documentation**: Updated
---
## Sign-Off
**Technical Lead**: ā
Approved - @tech-lead
**QA**: ā
Approved - @qa-lead
**DevOps**: ā
Approved - @devops-lead
**Product**: ā
Approved - @product-manager
---
## Final Recommendation
š¢ **APPROVED FOR DEPLOYMENT**
All critical checks passed. Minor issues identified do not block deployment.
Recommend proceeding with deployment as scheduled.
**Scheduled Deployment**: 2024-01-15 14:00 UTC
**Deployment Window**: 14:00 - 14:30 UTC
Best Practices
Blue-Green Deployment
- Zero downtime
- Instant rollback
- Full testing before switch
- Keep old environment for quick revert
Canary Deployment
- Gradual rollout (1% ā 10% ā 50% ā 100%)
- Monitor metrics at each stage
- Automatic rollback on errors
- Low risk
Rolling Deployment
- Update instances one by one
- No downtime
- Automatic health checks
- Slower than blue-green
Database Migrations
- Always test in staging first
- Create rollback scripts
- Backup before migration
- Avoid breaking changes when possible
- Use feature flags for schema changes
Notes
- Never deploy on Fridays (unless critical)
- Always have a rollback plan
- Monitor closely for first hour after deployment
- Document everything
- Automate as much as possible
- Test in production-like environment
- Use feature flags for gradual rollout
- Keep deployments small and frequent
- Have team available during deployment
- Celebrate successful deployments!