Deployment Procedures
Safe deployment workflow cho 3 services
Architecture Overview
| Service | Type | Domain | Source |
|---|---|---|---|
| Landing | Cloudflare Pages | salehay.com | landing/dist → salehay-landing |
| Admin | Cloudflare Pages | app.salehay.com | admin/dist → salehay-admin |
| API | Cloudflare Worker | api.salehay.com | api/ → saleagent Worker |
| Docs | Cloudflare Pages | dev.salehay.com | docs/.vitepress/dist → salehay-docs-internal |
| Affiliate | Cloudflare Pages | aff.salehay.com | aff/dist → salehay-aff |
5-Phase Deployment Process
Phase 1: PREPARE
bash
# 1. Pull latest code
git pull origin main
# 2. Check for uncommitted changes
git status
# 3. Run test gate
cd api && npm run test:gate
cd ../admin && npm run test:gate
cd ../landing && npm run test:gatePhase 2: BACKUP
bash
# Database: Neon auto-snapshots (check console)
# Config: Ensure wrangler.toml is committed
# Note: Cloudflare Pages keeps deployment history — easy rollbackPhase 3: DEPLOY
Deploy Order: API → Admin → Landing (dependencies first)
bash
# API (backend changes)
cd api && npx wrangler deploy
# Admin (admin UI changes)
cd admin && npm run build && npx wrangler pages deploy dist \
--project-name=salehay-admin --commit-dirty=true
# Landing (landing page changes)
cd landing && npm run build && npx wrangler pages deploy dist \
--project-name=salehay-landing --commit-dirty=true
# Docs (documentation changes)
cd docs && npm run deploy:internalPhase 4: VERIFY
| Check | Command/Action | Expected |
|---|---|---|
| API health | curl https://api.salehay.com/api/health | {"status":"ok"} |
| Landing page | Open salehay.com | Hero text visible |
| Admin login | Open app.salehay.com/login | Login form loads |
| Affiliate portal | Open aff.salehay.com | Login form loads |
| CORS check | Login from admin → no errors | No CORS errors in console |
| Docs site | Open dev.salehay.com | Docs homepage loads |
Phase 5: CONFIRM or ROLLBACK
If verification passes:
- ✅ Confirm deployment
- Update CHANGELOG.md if applicable
- Notify team (if applicable)
If verification fails:
- ❌ Rollback immediately via Cloudflare Pages dashboard → select previous deployment
- For API Worker:
cd api && npx wrangler rollback - Investigate before re-deploying
Service-Specific Notes
API Worker
- Secrets: Set via
npx wrangler secret put <NAME>DATABASE_URL,JWT_SECRET,GOOGLE_CLIENT_ID,GOOGLE_CLIENT_SECRET,RESEND_API_KEY,EMAIL_FROM
- DO NOT add
[assets]towrangler.toml— API is API-only - DO NOT add
salehay.com/*route — conflicts with Pages
Admin SPA
API_BASE→https://api.salehay.com(insrc/lib/api.js)- CORS must include
app.salehay.comin API Worker
Landing Page
- Login links → external
<a>tohttps://app.salehay.com/login - Not
<Link>(different SPA)
Emergency Procedures
| Scenario | Action |
|---|---|
| API down | Check Cloudflare dashboard → Worker status. Rollback if needed. |
| Database error | Check Neon console → branch health. Point-in-time recovery available. |
| CORS error after deploy | Check ALLOWED_ORIGINS in api/src/index.js. Redeploy API. |
| Landing page 404 | Check Cloudflare Pages deployment logs. Ensure dist/ was correctly built. |
| Partial deploy (only 1 service) | All services are independent — partial deploy is normal and expected. |
Deploy Frequency
| Type | Frequency | Process |
|---|---|---|
| Hotfix (bug fix) | As needed | Skip test gate if critical, but verify after deploy |
| Feature release | 1-2x per week | Full 5-phase process |
| Content update (docs) | Anytime | npm run deploy:internal only |
| Database migration | Careful | Test on Neon branch first, then merge |