production-ops-baseline-every-app-ships-wired
Production Ops Baseline — every app ships with ops layer wired from Phase 2
Rule: For every production application built in this environment (personal VPS or enterprise), the following operational layers are part of the baseline deliverable — planned at Phase 2 (Design), wired at Phase 5/7 (Platform/Delivery), and NEVER tagged as a post-ship “open item”:
- Offsite backup of stateful data (must survive total host loss — local backup alone doesn’t count)
- Error monitoring for unhandled exceptions in server + client (log scraping alone doesn’t count)
- Post-deploy smoke gate exercising authenticated routes (blocks promotion on failure)
- Restore drill verified at least once per app lifecycle
- Health probes + structured logs with correlation IDs
- Secrets outside source — env files minimum, secrets manager at enterprise scale
Two-tier shipping rule:
- Personal-VPS / R&D tier: may ship items INERT-BUT-WIRED (SDK installed, guarded on env var, docs written, activation = 1 env var flip)
- Enterprise production tier: items MUST ship ACTIVE
Banned pattern: tagging any of the 6 as an “open item post-ship”. If not in the Phase-2 plan, the plan is incomplete.
Reference implementation: R-TaskFlow v1.2.1 (2026-04-19) — scripts/backup.sh (rclone-conditional upload), instrumentation.ts (Sentry DSN-gated), scripts/smoke.sh (19-route authenticated gate).
Why cross-agent / cross-division: this rule applies to everything — Claude Code’s app builds, Paperclip agents’ deployments, NOVA’s architectural reviews, CIOS agents’ system changes. Every production surface in the environment is a “production app” by this definition.