ca-grow-ops-manager/DEPLOYMENT-CHECKLIST.md

# Deployment Checklist

**Project**: CA Grow Ops Manager  
**Status**: Ready for Deployment  
**Date**: 2025-12-08

---

## ✅ Completed

### Project Initialization

- [x] Constitution created and documented
- [x] Project spec (spec.yml) defined
- [x] 7 comprehensive feature specs written
- [x] Architecture documented
- [x] Compliance notes (California DCC) documented
- [x] Phase 1 implementation plan created (6 weeks)
- [x] Week 1 tasks defined (15 tasks)
- [x] Backend README with setup instructions
- [x] Frontend README with setup instructions
- [x] Quick start guide created
- [x] Project status tracker created

### CI/CD Setup

- [x] Forgejo Actions workflows created
  - [x] Test workflow (runs on every push/PR)
  - [x] Deploy workflow (auto-deploys on push to main)
- [x] Deployment guide for nexus-vector created
- [x] CI/CD setup guide created

### Git Repository

- [x] Git repository initialized
- [x] All files committed
- [x] Branch renamed to `main`

---

## ⏭️ Next Steps (Manual)

### 1. Create Forgejo Repository

**Option A: Via Web UI** (Recommended)

1. Navigate to <https://git.runfoo.run>
2. Click **+** → **New Repository**
3. Organization: `runfoo`
4. Repository name: `ca-grow-ops-manager`
5. Description: "Production-grade web + mobile app for managing licensed California cannabis cultivation facilities"
6. Visibility: **Private**
7. **Uncheck** "Initialize repository"
8. Click **Create Repository**

**Option B: Via API** (If you have a valid token)

```bash
curl -X POST "https://git.runfoo.run/api/v1/org/runfoo/repos" \
  -H "Authorization: token YOUR_TOKEN_HERE" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "ca-grow-ops-manager",
    "description": "Production-grade web + mobile app for managing licensed California cannabis cultivation facilities",
    "private": true,
    "auto_init": false,
    "default_branch": "main"
  }'
```

---

### 2. Add Git Remote and Push

After creating the repository in Forgejo:

```bash
cd /Users/ten/ANTIGRAVITY/777wolfpack/ca-grow-ops-manager

# Add Forgejo remote
git remote add origin https://git.runfoo.run/runfoo/ca-grow-ops-manager.git

# Push to Forgejo
git push -u origin main
```

**Note**: You'll be prompted for credentials. Use your Forgejo username and password/token.

---

### 3. Set Up SSH Key for CI/CD

#### 3.1 Generate SSH Key (if needed)

```bash
# Generate a new SSH key for deployment
ssh-keygen -t ed25519 -C "forgejo-deploy-ca-grow-ops" -f ~/.ssh/ca_grow_ops_deploy

# Display the private key (you'll need this for Forgejo secrets)
cat ~/.ssh/ca_grow_ops_deploy

# Display the public key (you'll add this to nexus-vector)
cat ~/.ssh/ca_grow_ops_deploy.pub
```

#### 3.2 Add Public Key to nexus-vector

```bash
# Copy public key to nexus-vector
ssh admin@nexus-vector "echo '$(cat ~/.ssh/ca_grow_ops_deploy.pub)' >> ~/.ssh/authorized_keys"

# Test the connection
ssh -i ~/.ssh/ca_grow_ops_deploy admin@nexus-vector "echo 'SSH connection successful'"
```

#### 3.3 Add Private Key to Forgejo Secrets

1. Go to: <https://git.runfoo.run/runfoo/ca-grow-ops-manager/settings/secrets>
2. Click **Add Secret**
3. Name: `SSH_PRIVATE_KEY`
4. Value: Paste the **entire contents** of `~/.ssh/ca_grow_ops_deploy` (the private key)
5. Click **Add Secret**

---

### 4. Enable Forgejo Actions

1. Go to: <https://git.runfoo.run/runfoo/ca-grow-ops-manager/settings>
2. Click **Actions** in the left sidebar
3. Ensure **Enable Repository Actions** is checked
4. Set **Default workflow permissions** to **Read and write permissions**
5. Click **Update Settings**

---

### 5. Prepare nexus-vector for Deployment

```bash
# SSH to nexus-vector
ssh admin@nexus-vector

# Create service directory
sudo mkdir -p /srv/containers/ca-grow-ops-manager
sudo chown admin:admin /srv/containers/ca-grow-ops-manager

# Clone the repository (after pushing to Forgejo)
cd /srv/containers
git clone https://git.runfoo.run/runfoo/ca-grow-ops-manager.git
cd ca-grow-ops-manager

# Create environment file
cat > docker-compose.env << 'EOF'
# Database
DB_PASSWORD=$(openssl rand -base64 32)

# JWT
JWT_SECRET=$(openssl rand -base64 64)

# Email (optional for v1)
EMAIL_SERVICE=sendgrid
EMAIL_API_KEY=your_api_key_here
EMAIL_FROM=noreply@example.com
EOF

# Generate secure passwords
echo "DB_PASSWORD=$(openssl rand -base64 32)" > docker-compose.env
echo "JWT_SECRET=$(openssl rand -base64 64)" >> docker-compose.env
echo "" >> docker-compose.env
echo "# Email (optional for v1)" >> docker-compose.env
echo "EMAIL_SERVICE=sendgrid" >> docker-compose.env
echo "EMAIL_API_KEY=your_api_key_here" >> docker-compose.env
echo "EMAIL_FROM=noreply@example.com" >> docker-compose.env

# Show the generated passwords (save these!)
cat docker-compose.env
```

---

### 6. Trigger First Deployment

#### Option A: Via CI/CD (Recommended)

```bash
# From your local machine
cd /Users/ten/ANTIGRAVITY/777wolfpack/ca-grow-ops-manager

# Make a small change to trigger CI/CD
echo "" >> README.md
git add README.md
git commit -m "chore: Trigger initial CI/CD deployment"
git push origin main

# Monitor the deployment
# Go to: https://git.runfoo.run/runfoo/ca-grow-ops-manager/actions
```

#### Option B: Manual Deployment

```bash
# SSH to nexus-vector
ssh admin@nexus-vector
cd /srv/containers/ca-grow-ops-manager

# Build and start services
docker compose build
docker compose up -d

# Check status
docker compose ps

# View logs
docker compose logs -f
```

---

### 7. Verify Deployment

```bash
# Check service health
curl http://localhost:8010/api/healthz

# Or from outside nexus-vector (if configured)
curl http://216.158.230.94:8010/api/healthz

# Check container status
ssh admin@nexus-vector "cd /srv/containers/ca-grow-ops-manager && docker compose ps"

# View logs
ssh admin@nexus-vector "cd /srv/containers/ca-grow-ops-manager && docker compose logs -f --tail=50"
```

---

## 📊 Deployment Status

### Current State

- ✅ Code ready and committed locally
- ⏳ Forgejo repository needs to be created
- ⏳ SSH key needs to be configured
- ⏳ Code needs to be pushed to Forgejo
- ⏳ CI/CD needs to be triggered

### Expected Timeline

- **Step 1-2**: 5 minutes (Create repo and push)
- **Step 3**: 10 minutes (SSH key setup)
- **Step 4**: 2 minutes (Enable Actions)
- **Step 5**: 5 minutes (Prepare nexus-vector)
- **Step 6**: 3-5 minutes (First deployment)
- **Step 7**: 2 minutes (Verification)

**Total**: ~30 minutes

---

## 🚨 Troubleshooting

### "Repository already exists"

The repository might already exist. Check: <https://git.runfoo.run/runfoo/ca-grow-ops-manager>

### "Permission denied (publickey)"

- Verify SSH key is added to nexus-vector: `ssh admin@nexus-vector "cat ~/.ssh/authorized_keys | grep ca_grow_ops"`
- Verify secret is added to Forgejo: Settings → Secrets → SSH_PRIVATE_KEY

### "Port 8010 already in use"

```bash
ssh admin@nexus-vector "sudo netstat -tlnp | grep 8010"
# If in use, choose a different port in docker-compose.yml
```

### "Health check failed"

```bash
ssh admin@nexus-vector "cd /srv/containers/ca-grow-ops-manager && docker compose logs backend"
# Check for errors in backend logs
```

---

## 📝 Notes

- The Forgejo API token in the onboarding docs appears to be invalid/expired
- You'll need to create the repository via the web UI or get a new API token
- Once the repository is created and SSH key is configured, CI/CD will handle all future deployments automatically

---

## ✅ Success Criteria

Deployment is successful when:

- [ ] Repository exists at <https://git.runfoo.run/runfoo/ca-grow-ops-manager>
- [ ] Code is pushed to Forgejo
- [ ] CI/CD workflow runs successfully
- [ ] Service is accessible at <http://localhost:8010> on nexus-vector
- [ ] Health check returns 200 OK
- [ ] All containers are running

---

**Next Action**: Create the Forgejo repository via web UI and follow steps 2-7 above.