nhouseholder/deploy

Deploy Skill

Full deployment pipeline with verification and rollback for Cloudflare-hosted projects.

Workflow

0. MANDATORY — Verify Deploy Source Directory (UFC/MMALogic ONLY)

This step exists because a catastrophic deploy in March 2026 overwrote v11.9.3 with v10.68 by deploying from a stale directory.

Before ANY deploy for the UFC/MMALogic project:

# CHECK: Are we in the CANONICAL webapp directory?
VERSION=$(grep "APP_VERSION" src/config/version.js 2>/dev/null || echo "NO_VERSION")
echo "Building version: $VERSION"
# ABORT if version is below v11.x — you are in the WRONG directory
# The canonical source is ALWAYS: ufc-predict/webapp/frontend/
# The root webapp/ is ARCHIVED and must NEVER be deployed

ABORT if version.js shows v10.x or lower. You are in the stale root webapp/ directory.

Pre-Deploy Safety Gates (MANDATORY — before ANY deploy command)

Gate 1: Clean Working Tree Run git status. If there are uncommitted changes, commit them first. NEVER deploy uncommitted code. A deploy without a backing git commit means the next deploy from git will OVERWRITE your changes. This caused permanent data loss on researcharia.com (2026-03-26).

Gate 2: CF vs Git Timestamp Check (FAILSAFE 9) Compare last Cloudflare deployment timestamp to last git commit:

npx [email protected] deployments list 2>&1 | tail -20  # Last CF deploy date
git log -1 --format='%ci' -- public/                    # Last git commit to public/

If CF was deployed MORE RECENTLY than git's last public/ commit: STOP. Someone deployed changes directly to CF without committing. Deploying from git will OVERWRITE those changes with NO recovery path.

Gate 3: Version Regression Check (Universal) Before deploying ANY project:

1. Read the local build version (version.js, package.json, or equivalent)
2. Check the live site version (curl or Claude in Chrome)
3. If local version < live version: ABORT and alert the user This is NOT UFC-specific — it applies to ALL projects.

1. Pre-Flight Checks

# Run linter
npm run lint 2>&1 || { echo "ABORT: Lint failures"; exit 1; }

# Run tests
npm test 2>&1 || { echo "ABORT: Test failures"; exit 1; }

# Build production bundle
npm run build 2>&1 || { echo "ABORT: Build failed"; exit 1; }

ABORT if any pre-flight check fails. Do not deploy broken code.

2. Verify Environment

• Check that required environment variables are set (API keys, tokens)
• Verify wrangler is authenticated: npx wrangler whoami
• Test critical API endpoints with lightweight calls if applicable
• Confirm the target environment (production vs staging)
• For Cloudflare Pages: verify wrangler.toml config matches target project
• For Cloudflare Workers: check KV namespace bindings, D1 databases, and secrets are configured
• Check functions/ directory for Pages Functions that may need separate validation

3. Snapshot for Rollback

# Save current deployment info for rollback
CURRENT_DEPLOY=$(npx wrangler pages deployment list --project-name <PROJECT> 2>/dev/null | head -5)
echo "$CURRENT_DEPLOY" > .last_deploy_snapshot

4. Deploy

# Deploy to Cloudflare Pages
npx wrangler pages deploy <BUILD_DIR> --project-name <PROJECT> 2>&1 | tee deploy.log

Or for Workers:

npx wrangler deploy 2>&1 | tee deploy.log

5. Verify Live Site

# Wait for propagation
sleep 30

# Check the live URL returns 200
HTTP_STATUS=$(curl -s -o /dev/null -w "%{http_code}" https://<LIVE_URL>)

if [ "$HTTP_STATUS" != "200" ]; then
  echo "VERIFICATION FAILED: Got HTTP $HTTP_STATUS"
  # Trigger rollback
fi

Also verify:

• Key pages load correctly
• API endpoints respond (especially Pages Functions at /api/ routes)
• No console errors on critical pages (if browser tools available)
• KV cache is accessible (if applicable)
• Workers AI endpoints respond (if applicable)

5b. Data Count Verification (for sites with dynamic data)

Before deploying (step 3), snapshot key data counts from the live site:

# Snapshot pre-deploy counts (adjust endpoints per project)
PRE_EVENTS=$(curl -s https://<API>/events | jq 'length')
PRE_PICKS=$(curl -s https://<API>/picks | jq 'length')
echo "PRE-DEPLOY: $PRE_EVENTS events, $PRE_PICKS picks" > .deploy_baseline

After deploying (step 5), compare:

POST_EVENTS=$(curl -s https://<API>/events | jq 'length')
POST_PICKS=$(curl -s https://<API>/picks | jq 'length')

if [ "$POST_EVENTS" -lt "$((PRE_EVENTS * 95 / 100))" ]; then
  echo "DATA REGRESSION: Events dropped from $PRE_EVENTS to $POST_EVENTS"
  # Trigger rollback
fi

If any data count dropped >5%, rollback immediately. A site that loads with missing data is worse than a failed deploy.

6. Rollback on Failure

If verification fails:

echo "Rolling back to previous deployment..."
npx wrangler pages deployment rollback --project-name <PROJECT>
echo "ROLLBACK COMPLETE — previous deployment restored"

Alert the user immediately about the failed deployment.

7. Tag Release on Success

# Get current version from package.json
VERSION=$(node -p "require('./package.json').version")

# Tag and push
git tag -a "v$VERSION" -m "Release v$VERSION"
git push origin "v$VERSION"

echo "Deployed and tagged v$VERSION"

Quick Deploy Command

For simple deploys without the full pipeline:

npm run build && npx wrangler pages deploy <BUILD_DIR> --project-name <PROJECT>

iCloud Projects — Build from /tmp

All user projects are in iCloud Drive. Git operations and builds MUST happen from a non-iCloud clone:

1. git clone <repo> /tmp/<project-name>
2. Build and deploy from /tmp/<project-name>
3. Never git push from the iCloud directory

Known Project Deployments

| Project | Type | Deploy Command | Live URL Pattern | |---------|------|---------------|-----------------| | OctagonAI (UFC) | Pages | wrangler pages deploy dist/ | octagonai.net | | NHL | Workers/Pages | wrangler deploy or wrangler pages deploy | diamondpredictions.com | | NBA | Pages | wrangler pages deploy dist/ | courtside-ai | | MyStrainAI | Workers + Pages | wrangler deploy (backend) + wrangler pages deploy (frontend) | mystrainai.com | | Enhanced Health AI | Workers (OpenNext) | wrangler deploy | enhanced-health-ai |

Cloudflare-Specific Checks

• D1 bindings: Verify [[d1_databases]] in wrangler.toml match the production database
• KV namespaces: Check [[kv_namespaces]] bindings are correct for the environment
• Secrets: wrangler secret list to verify API keys are set (never commit secrets)
• Environment vars: Check [vars] in wrangler.toml — production values, not dev defaults
• Compatibility date: Ensure compatibility_date is recent enough for features used

Mandatory Post-Fix Pipeline (runs automatically after EVERY website change)

After ANY fix, feature, or change to a website — do ALL of these without being asked:

1. Bump version — patch for fixes, minor for features (version.js, package.json, or equivalent)
2. Update date — update any "last updated" or date display on the site
3. Commit — git add changed files + git commit with clear message
4. Push — git push origin main
5. Deploy — run the project's deploy pipeline
6. Verify — check the live site shows the new version number and date

This pipeline is NOT optional. The user should never have to ask for any of these steps.

Rules

• NEVER deploy without passing tests and lint
• NEVER build or deploy from iCloud Drive — clone to /tmp first
• ALWAYS snapshot current deployment before deploying
• ALWAYS verify the live site after deployment
• ALWAYS rollback on verification failure — don't leave broken production
• ALWAYS run data-consistency-check on any stats/dashboard pages post-deploy
• Use | tee deploy.log for all deploy commands
• Confirm with user before deploying to production (unless explicitly told to proceed)