# โœ… Pull-Based Deployment - Implementation Checklist Use this checklist to ensure everything is set up correctly. --- ## ๐Ÿ“‹ Pre-Setup Checklist ### GitHub Repository - [ ] Repository exists on GitHub - [ ] Code is pushed to repository - [ ] `.github/workflows/ci-build.yml` exists - [ ] Repository is accessible (public or private with access) ### VPS Requirements - [ ] VPS is running (Ubuntu/CentOS/Debian) - [ ] aaPanel is installed - [ ] You have root/SSH access - [ ] VPS has outbound internet access - [ ] PHP 8.3 installed - [ ] MySQL/MariaDB installed - [ ] Nginx/Apache installed ### Local Tools - [ ] SSH client installed - [ ] Text editor (VS Code, Nano, etc.) - [ ] Browser for GitHub access --- ## ๐Ÿ” GitHub Setup ### Personal Access Token - [ ] Go to https://github.com/settings/tokens - [ ] Click "Generate new token (classic)" - [ ] Set note: `BTM Koperasi Deployment` - [ ] Set expiration (recommended: 90 days or no expiration) - [ ] Select scope: โœ… `repo` (Full control) - [ ] Generate token - [ ] **Copy token** (save in password manager) - [ ] Token format: `ghp_xxxxxxxxxxxx` (classic) or `github_pat_xxxxx` (fine-grained) ### Verify Repository - [ ] Repository name is correct (e.g., `username/btm-koperasi`) - [ ] Default branch is `main` or `develop` - [ ] Repository has code - [ ] `.github/workflows/ci-build.yml` exists --- ## ๐Ÿ–ฅ๏ธ VPS Setup ### SSH Access - [ ] Can SSH to VPS: `ssh root@YOUR_VPS_IP` - [ ] SSH key authentication works (optional but recommended) - [ ] Sudo/root privileges confirmed ### Install Required Tools ```bash # Run on VPS apt-get update apt-get install -y curl jq tar git bc ``` - [ ] Command completed without errors - [ ] Verify: `curl --version` โœ… - [ ] Verify: `jq --version` โœ… - [ ] Verify: `git --version` โœ… ### Create Directories ```bash mkdir -p /www/wwwroot/btm-koperasi mkdir -p /www/wwwroot/btm-koperasi-backup mkdir -p /www/wwwroot/btm-koperasi-releases mkdir -p /tmp/btm-deploy ``` - [ ] Directories created - [ ] Permissions set: `chown -R www:www` - [ ] Verify: `ls -ld /www/wwwroot/btm-koperasi*` ### Store GitHub Token ```bash echo "YOUR_TOKEN" > /root/.github_token chmod 600 /root/.github_token ``` - [ ] Token file created - [ ] Permissions set to 600 - [ ] Verify: `cat /root/.github_token` shows token - [ ] Token is valid (not expired) ### Download Deploy Script ```bash curl -L https://raw.githubusercontent.com/YOUR_USERNAME/btm-koperasi/main/deploy/deploy.sh \ -o /usr/local/bin/deploy.sh chmod +x /usr/local/bin/deploy.sh ``` - [ ] Script downloaded - [ ] Script is executable - [ ] Verify: `ls -l /usr/local/bin/deploy.sh` ### Configure Deploy Script ```bash nano /usr/local/bin/deploy.sh ``` - [ ] Updated `GITHUB_REPO` to your repo - [ ] Token file path is correct (`/root/.github_token`) - [ ] App directory is correct (`/www/wwwroot/btm-koperasi`) - [ ] Saved changes (Ctrl+X, Y, Enter) ### Test Deploy Script ```bash /usr/local/bin/deploy.sh --help /usr/local/bin/deploy.sh --list ``` - [ ] Help displays correctly - [ ] `--list` shows available releases (or message if none) - [ ] No error about token or configuration --- ## ๐Ÿš€ CI/CD Workflow ### Test CI Workflow ```bash # On local computer git add . git commit -m "Test CI workflow" git push origin main ``` - [ ] Code pushed successfully - [ ] Go to GitHub โ†’ Actions tab - [ ] See "CI - Build and Release" workflow running - [ ] Wait for completion (~5-10 minutes) - [ ] All jobs pass (Lint, Test, Build) - [ ] Release created (check Releases tab) ### Verify Release - [ ] Go to repository Releases - [ ] See new release (e.g., `v1-test-ci-workflow`) - [ ] Release has `.tar.gz` asset - [ ] Release has `.sha256` checksum file --- ## ๐Ÿ“ฆ First Deployment ### Run Deployment ```bash /usr/local/bin/deploy.sh main ``` - [ ] Script starts without errors - [ ] Prerequisites check passes - [ ] Backup created (if not first deploy) - [ ] Release downloaded from GitHub - [ ] Checksum verified - [ ] Files extracted - [ ] Deployment completed - [ ] Health check passed - [ ] Success message shown ### Verify Deployment ```bash cat /www/wwwroot/btm-koperasi/.deployed_version ``` - [ ] Version file exists - [ ] Version matches GitHub release - [ ] Application directory has files: `ls /www/wwwroot/btm-koperasi` --- ## ๐ŸŒ aaPanel Configuration ### Website Setup - [ ] Login to aaPanel: `http://YOUR_VPS_IP:8888` - [ ] Go to Website โ†’ Add site - [ ] Domain: VPS IP or local domain - [ ] Root directory: `/www/wwwroot/btm-koperasi/public` - [ ] PHP version: 8.3 - [ ] Database configured ### Nginx/Apache Config - [ ] URL Rewrite set to Laravel - [ ] Or custom config applied - [ ] Configuration saved ### SSL (Optional) - [ ] SSL certificate installed (Let's Encrypt or self-signed) - [ ] HTTPS accessible ### Test Website ```bash curl http://localhost ``` - [ ] Returns HTML - [ ] No 500 errors - [ ] Browser: `http://YOUR_VPS_IP` loads --- ## ๐Ÿ—„๏ธ Application Configuration ### Environment Setup ```bash nano /www/wwwroot/btm-koperasi/.env ``` - [ ] `APP_NAME` set - [ ] `APP_ENV=production` - [ ] `APP_DEBUG=false` - [ ] `APP_URL` set to VPS IP or domain - [ ] Database credentials correct - [ ] Mail settings configured (if using email) ### Application Key ```bash php artisan key:generate ``` - [ ] Key generated - [ ] Key saved in `.env` ### Migrations ```bash php artisan migrate --force ``` - [ ] Migrations ran successfully - [ ] No errors - [ ] Database tables created ### Cache ```bash php artisan config:cache php artisan route:cache php artisan view:cache ``` - [ ] Configuration cached - [ ] Routes cached - [ ] Views cached --- ## ๐Ÿ”ง Services Configuration ### Queue Workers (Supervisor) ```bash # Check if supervisor installed supervisorctl status ``` - [ ] Supervisor installed - [ ] Config file created: `/etc/supervisor/conf.d/btm-koperasi-worker.conf` - [ ] Workers running: `supervisorctl status` - [ ] Logs accessible: `/www/wwwlogs/btm-koperasi-worker.log` ### Laravel Scheduler (Cron) ```bash crontab -l ``` - [ ] Cron entry exists: `* * * * * cd /www/wwwroot/btm-koperasi && php artisan schedule:run` - [ ] Scheduler working (check logs after 1 minute) ### PHP-FPM ```bash systemctl status php8.3-fpm ``` - [ ] PHP-FPM running - [ ] Auto-start on boot enabled ### Nginx/Apache ```bash systemctl status nginx # or systemctl status apache2 ``` - [ ] Web server running - [ ] Auto-start on boot enabled --- ## ๐Ÿงช Test Deployment Workflow ### Make a Test Change ```bash # On local computer echo " app/Http/Controllers/TestController.php git add . git commit -m "Test deployment" git push origin main ``` - [ ] Code pushed - [ ] CI workflow triggered ### Wait for CI - [ ] Go to GitHub โ†’ Actions - [ ] Workflow running - [ ] Wait for completion - [ ] Release created ### Deploy on VPS ```bash ssh root@YOUR_VPS_IP ./deploy.sh main ``` - [ ] Deployment successful - [ ] New version deployed - [ ] Application accessible - [ ] Test change visible ### Verify ```bash cat /www/wwwroot/btm-koperasi/.deployed_version curl http://localhost ``` - [ ] Version updated - [ ] Application working --- ## ๐Ÿ” Security Checklist ### File Permissions - [ ] `/root/.github_token`: 600 - [ ] `/usr/local/bin/deploy.sh`: 700 - [ ] `/www/wwwroot/btm-koperasi`: owned by www:www - [ ] `/www/wwwroot/btm-koperasi/storage`: 775 ### Firewall - [ ] Only necessary ports open (22, 80, 443, 3306) - [ ] UFW or firewall configured ### Database - [ ] Database user has limited privileges - [ ] Remote MySQL access disabled - [ ] Strong database password ### Application - [ ] `APP_DEBUG=false` in production - [ ] `.env` not accessible via web - [ ] `.git` directory not in web root --- ## ๐Ÿ“Š Monitoring Setup ### Logs - [ ] Application logs: `storage/logs/laravel.log` - [ ] Nginx logs: `/www/wwwlogs/btm-koperasi-*.log` - [ ] Queue logs: `/www/wwwlogs/btm-koperasi-worker.log` - [ ] Deployment logs: `/var/log/btm-deploy.log` ### Health Check ```bash curl http://localhost/health ``` - [ ] Health endpoint exists (if implemented) - [ ] Returns 200 OK ### Monitoring (Optional) - [ ] Uptime monitoring configured - [ ] Disk space monitoring - [ ] Error alerting setup --- ## ๐Ÿ“š Documentation ### Team Documentation - [ ] Deployment process documented - [ ] Rollback procedure documented - [ ] Troubleshooting guide available - [ ] Contact information for emergencies ### Access Information - [ ] VPS credentials stored securely - [ ] GitHub token stored in password manager - [ ] Database credentials documented - [ ] aaPanel login documented --- ## ๐ŸŽฏ Final Verification ### Deployment Test - [ ] Can deploy from `main` branch - [ ] Can deploy from `develop` branch - [ ] Rollback works - [ ] `--list` shows releases - [ ] `--help` displays correctly ### Application Test - [ ] Homepage loads - [ ] Login works (if applicable) - [ ] Critical features work - [ ] Database queries work - [ ] Queue jobs process - [ ] Scheduled tasks run ### Documentation Review - [ ] [DEPLOYMENT_15MIN.md](DEPLOYMENT_15MIN.md) reviewed - [ ] [PULL_DEPLOYMENT_SETUP.md](PULL_DEPLOYMENT_SETUP.md) reviewed - [ ] [LOCAL_DEPLOYMENT_GUIDE.md](LOCAL_DEPLOYMENT_GUIDE.md) available - [ ] Team trained on deployment process --- ## โœ… Sign-Off ### Completed By - Name: _______________ - Date: _______________ - Role: _______________ ### Verified By - Name: _______________ - Date: _______________ - Role: _______________ ### Notes ``` _________________________________ _________________________________ _________________________________ ``` --- ## ๐ŸŽ‰ You're Done! All items checked? Your pull-based deployment system is ready for production! ๐Ÿš€ **Next Steps:** 1. Regular deployments using `./deploy.sh main` 2. Monitor application health 3. Keep documentation updated 4. Train team members 5. Schedule regular backups verification --- **Quick Reference:** - Deploy: `./deploy.sh main` - Rollback: `./deploy.sh --rollback` - List: `./deploy.sh --list` - Help: `./deploy.sh --help`