Deployment

Deployment

Bookmarks deployment is Cloudflare-first.

Release sequence

1. Create/verify D1 database bookmarks and R2 bucket bookmarks-media.
2. Update workers/bookmarks-api-worker/wrangler.toml bindings and IDs.
3. Deploy API worker (wrangler deploy).
4. Set AUTH_MODE=service and bind AUTH_SERVICE to cosmos-auth-worker.
5. Deploy apps/bookmarks_site to Cloudflare Pages.
6. Build/deploy Flutter web and mobile with production API base URL.

Prerequisites

• cosmos-auth-worker has APP_URL set to deployed Bookmarks app URL.
• cosmos-auth-worker has healthy MAIL_SERVICE binding.
• JWT_SECRET and ENCRYPTION_KEY are configured on auth worker.

Post-deploy smoke tests

Run these in order after each production deploy:

1. GET /health returns { ok: true, service: "bookmarks-api-worker" }.
2. Login flow works (/v1/auth/login and /v1/auth/refresh).
3. Authenticated GET /v1/me returns user context.
4. Create club (POST /v1/clubs) returns 201 and clubId.
5. Member can open /v1/clubs/:clubId/settings.
6. Admin can update club settings and member role.
7. Note create/comment/reaction flow works.
8. Meeting create/RSVP/calendar endpoints work.
9. /v1/clubs/:clubId/stream websocket connects for a member.

Rollback guidance

If critical regressions are detected:

1. Roll back worker to previous known-good deployment.
2. Revert app/site to previous release artifact.
3. Re-run smoke tests against rolled-back versions.
4. If DB migration introduced incompatibility, halt write traffic and apply a tested corrective migration before re-enable.

Operational guidance

• Treat API worker as authorization and persistence boundary.
• Keep site deployment independent so marketing updates do not block app/API releases.
• Add direct R2 upload flows only when attachment throughput requires it.