FFakeMCP

First Production Launch Runbook

Execute first production deploy with one-time empty-DB schema bootstrap.

First Production Launch Runbook (No-Migration Track)

This runbook assumes first-ever production deployment for FakeMCP, with no existing production data.

1) Launch policy

  • No backward migrations.
  • No data backfills.
  • No compatibility shims.
  • One-time schema bootstrap only on an empty D1 database.
  • Production-only environment model (no staging).

2) Config and secret model

  • Commit all non-secret Cloudflare settings in /Users/michael/personal/fakemcp-com/infra/config/production.ts.
  • Keep only one execution secret: CLOUDFLARE_API_TOKEN.
  • Store/sync that token from deploy-ops into Mykybo/fakemcp-com GitHub secrets.
  • Set CLOUDFLARE_ZONE_ID as a non-secret GitHub repository variable (32-char zone id).

3) Bootstrap infrastructure (idempotent)

bash
pnpm infra:bootstrap

Long press or right-click snippet for quick actions

What it does:

  • Ensures D1 database exists.
  • Ensures R2 bucket exists.
  • Ensures Durable Object namespace exists.
  • Applies bootstrap SQL from apps/mcp/migrations/0001_reliability.sql.
  • Verifies required reliability tables.
  • Upserts managed WAF and rate-limit rules.
  • Writes discovered IDs to .infra/production.state.json.
  • Renders worker deployment config to .infra/wrangler.*.production.jsonc.

Dry-run:

bash
pnpm infra:bootstrap --dry-run

Long press or right-click snippet for quick actions

4) Deploy workers and routing

bash
pnpm infra:deploy

Long press or right-click snippet for quick actions

What it does:

  • Builds MCP and web workers.
  • Deploys MCP worker first, then web worker.
  • Upserts same-domain route ownership:
    • /health*, /catalog*, /v1/catalog*, /scenario*, /v1/scenario*, /mcp*, /v1/suites*, /v1/runs*, /v1/replays*, /v1/conformance*, /v1/ops* -> fakemcp-mcp
    • all other paths -> fakemcp-web
  • Runs production smoke checks:
    • pnpm smoke:api https://fakemcp.com
    • pnpm smoke:mcp https://fakemcp.com

Dry-run:

bash
pnpm infra:deploy --dry-run

Long press or right-click snippet for quick actions

5) Verify infrastructure state

bash
pnpm infra:check

Long press or right-click snippet for quick actions

Checks include:

  • D1/R2/DO resources exist.
  • D1 table set is complete.
  • Managed routes match configured ownership.
  • Managed WAF + rate-limit rules are present.

6) Merge gates

Before launch, keep these green:

bash
pnpm format:check
pnpm lint
pnpm typecheck
pnpm test
pnpm build
pnpm smoke:api
pnpm smoke:mcp

Long press or right-click snippet for quick actions

7) Rollout sequence (single production env)

  1. Internal alpha traffic for 2-3 days.
  2. Design-partner beta traffic for 1 week.
  3. Public release after SLO stability.

8) Observability and alerts

Key counters:

  • runs_created, runs_passed, runs_failed
  • ci_gate_invocations, ci_gate_failures
  • replays_created, replays_opened
  • conformance_runs_created
  • stateful_sessions_created

Alert thresholds:

  • Run creation P95 > 500ms
  • Run report retrieval success < 99.5%
  • internal_error rate > 1% over 5 minutes

Related Guides

View all