284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Integration Tests / Check for relevant changes (push) Waiting to run
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Mobile checks / Mobile unit tests (push) Waiting to run
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Temporal Readiness / fast-readiness (push) Waiting to run
Temporal Readiness / docker-parity (push) Waiting to run
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Unit Tests / Skipped-test budget (push) Waiting to run
Unit Tests / Nx affected unit tests (push) Waiting to run
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz Source: /opt/alga-psa on psa.joliet.tech
2.0 KiB
2.0 KiB
Mobile Rollout Checklist + Rollback Plan
Scope: Ticketing MVP + SSO (hosted only), ee/mobile/ + supporting server endpoints.
Last updated: 2026-02-03
Rollout Checklist
Pre-release
- Server: hosted domain allowlist configured (if used) and includes the production domain(s).
- Server: token TTLs/rotation configured; revocation works.
- Server: RBAC verified for ticket list/detail/comments/mutations (401/403 behavior).
- Mobile: analytics enabled/disabled default confirmed; no PII in event properties.
- Mobile: crash reporting provider configured (or explicitly disabled); request/response bodies excluded.
- Mobile: privacy policy + terms URLs reachable from Settings.
- Mobile: accessibility smoke pass (VoiceOver/TalkBack basics, touch targets, labels).
Distribution
- iOS: App Store Connect app created and bundle id matches
ee/mobile/app.json. - iOS: TestFlight internal group configured.
- Android: Play Console app created and package name matches
ee/mobile/app.json. - Android: Internal testing track configured.
- CI secrets configured (
EXPO_TOKEN, plus any EAS submit credentials). - Run
.github/workflows/mobile-distribute.yml:testflightplayInternal
Monitoring / Support
- Dashboards for auth success/failure and API error rates.
- Support escalation path documented for “can’t sign in” and “401 loop” issues.
- Known issues doc prepared for beta testers.
Rollback Plan
Immediate mitigation (minutes)
- Revoke/expire refresh tokens for affected tenant(s) if compromise is suspected.
- Communicate status to testers and support.
Store rollback (hours)
- iOS: stop TestFlight external testing / expire builds if needed.
- Android: deactivate the release in the internal track / roll back to previous version if available.
Follow-up (days)
- Root-cause analysis with logs/metrics for auth failures, 401/403 spikes, and API error rates.
- Patch + re-release with incremented build numbers and updated release notes.