d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
8d5540bf1d7ffbe8f48ded1aa38cc18713f65fbe
proxmox/docs/00-meta/RECOMMENDATIONS_OPERATOR_CHECKLIST.md

86 lines
5.1 KiB
Markdown
Raw Normal View History

Sync all local changes: docs, config, scripts, submodule refs, verification evidence Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-21 15:46:06 -08:00
# Recommendations and operator checklist (R1R24)
**Purpose:** Single checklist for all recommendations from [REMAINING_COMPONENTS_TASKS_AND_RECOMMENDATIONS](REMAINING_COMPONENTS_TASKS_AND_RECOMMENDATIONS.md) Part 2. Use when deploying, verifying, or operating.
chore: sync all changes to Gitea - Config, docs, scripts, and backup manifests - Submodule refs unchanged (m = modified content in submodules) Made-with: Cursor
2026-03-02 11:37:34 -08:00
**Related:** [CONTRACT_DEPLOYMENT_RUNBOOK](../03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md) | [BLOCKSCOUT_VERIFICATION_GUIDE](../08-monitoring/BLOCKSCOUT_VERIFICATION_GUIDE.md) | [MASTER_SECRETS_INVENTORY](../04-configuration/MASTER_SECRETS_INVENTORY.md) | [COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md](COMPLETE_REQUIRED_OPTIONAL_RECOMMENDED_INDEX.md) (full plan: required / optional / recommended).
Sync all local changes: docs, config, scripts, submodule refs, verification evidence Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-21 15:46:06 -08:00
---
## Verification and source of truth (R1R3)
| # | Action | When |
|---|--------|------|
| R1 | Verify every deployed contract on Blockscout (Forge Verification Proxy or BLOCKSCOUT_VERIFICATION_GUIDE) | After each deployment when Blockscout is reachable |
chore: sync all changes to Gitea - Config, docs, scripts, and backup manifests - Submodule refs unchanged (m = modified content in submodules) Made-with: Cursor
2026-03-02 11:37:34 -08:00
| R2 | Keep [CONTRACT_ADDRESSES_REFERENCE](../11-references/CONTRACT_ADDRESSES_REFERENCE.md) and [ADDRESS_MATRIX_AND_STATUS](../11-references/ADDRESS_MATRIX_AND_STATUS.md) updated; reconcile duplicate .env entries | When new contracts are deployed or deprecated |
Sync all local changes: docs, config, scripts, submodule refs, verification evidence Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-21 15:46:06 -08:00
| R3 | Run `./scripts/verify/check-contracts-on-chain-138.sh [RPC]`; fix any MISSING/EMPTY | Periodically or after deploy |
## Security and secrets (R4R7)
| # | Action | When |
|---|--------|------|
| R4 | **Do not use** CCIPWETH9Bridge at `0x89dd...`; use only `0x971c...` and set `CCIPWETH9_BRIDGE_CHAIN138` in env | Always; see runbook § Deprecated bridge |
| R5 | Never commit .env or private keys; use MASTER_SECRETS_INVENTORY; rotate any exposed keys | Always |
| R6 | API keys in .env.example — Done (placeholders) | — |
| R7 | Restrict deployer key and RPC admin access (RPC_URL_138) to operators who need them | Access review |
## Deployment (R8R11)
| # | Action | When |
|---|--------|------|
| R8 | Set RPC_URL_138 (Core); run from LAN/VPN if 192.168.11.x not reachable | Before deploy |
| R9 | Use GAS_PRICE=1000000000 (or current min) on Chain 138; see CONTRACT_DEPLOYMENT_RUNBOOK | Every forge script/create on 138 |
| R10 | Phased core: 01_DeployCore first, set env, then 02_DeployBridges; alltra-lifi: MerchantSettlementRegistry before WithdrawalEscrow | Deploy order |
| R11 | If tx stuck, manage nonce; see DEPLOYMENT_STRATEGY_EVALUATION | Troubleshooting |
## Documentation and runbooks (R12R13)
| # | Action | When |
|---|--------|------|
| R12 | Keep CONTRACT_DEPLOYMENT_RUNBOOK, BLOCKSCOUT_VERIFICATION_GUIDE, BLOCKSCOUT_FIX_RUNBOOK in sync with scripts and Blockscout URL | After script or URL changes |
chore: sync all changes to Gitea - Config, docs, scripts, and backup manifests - Submodule refs unchanged (m = modified content in submodules) Made-with: Cursor
2026-03-02 11:37:34 -08:00
| R13 | When deploying to mainnet or other chains, document addresses in CONTRACT_ADDRESSES_REFERENCE or chain-specific doc; update [ADDRESS_MATRIX_AND_STATUS](../11-references/ADDRESS_MATRIX_AND_STATUS.md) | Per-chain deploy |
Sync all local changes: docs, config, scripts, submodule refs, verification evidence Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-21 15:46:06 -08:00
## Automation and CI/CD (R14R16)
| # | Action | When |
|---|--------|------|
| R14 | Run run-contract-verification-with-proxy.sh after deployments when Blockscout reachable from CI | CI after deploy |
| R15 | Consider single script: check env → deploy → verify → update config (COMPREHENSIVE_RECOMMENDATIONS § Infrastructure) | Automation |
| R16 | Use .env.development / .env.staging / .env.production or JSON configs per chain | Config hygiene |
## Monitoring and operations (R17R18)
| # | Action | When |
|---|--------|------|
| R17 | Monitor critical bridge/oracle events (TransferInitiated, TransferCompleted, price updates); see COMPREHENSIVE_RECOMMENDATIONS § Monitoring | Ongoing |
| R18 | Ensure Blockscout (VMID 5000) is up and /api reachable; see EXPLORER_API_ACCESS, BLOCKSCOUT_FIX_RUNBOOK | Health checks |
## Testing and quality (R19R20)
| # | Action | When |
|---|--------|------|
| R19 | Run `forge test` in smom-dbis-138 and alltra-lifi-settlement before deploying; run integration tests where available | Pre-deploy |
| R20 | NatSpec on public contract functions (verification and tooling) | Code quality |
## Configuration and DNS (R21R22)
| # | Action | When |
|---|--------|------|
docs(stage2): mark R21 / Sankofa cutover done across 00-meta checklists - REMAINING_TASKS_BREAKDOWN_MISSING_INFO §2 + step 4 - REMAINING_WORK_BREAKDOWN_AND_ANSWERS Sankofa Q&A + one-line summary - REMAINING_COMPONENTS R21; operator-only + improvements + checklists Made-with: Cursor
2026-03-27 15:40:45 -07:00
| R21 | **Done 2026-03:** NPMplus + ALL_VMIDS + RPC_ENDPOINTS_MASTER + SANKOFA_CUTOVER_PLAN v1.1 | Complete |
Sync all local changes: docs, config, scripts, submodule refs, verification evidence Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-21 15:46:06 -08:00
| R22 | Document or configure blocks #2#6 in NETWORK_ARCHITECTURE and NETWORK_CONFIGURATION_MASTER (or mark reserved); see NETWORK_PLACEHOLDERS_DECISION | When decided |
## Quick wins (R23)
| # | Action | When |
|---|--------|------|
chore: sync all changes to Gitea - Config, docs, scripts, and backup manifests - Submodule refs unchanged (m = modified content in submodules) Made-with: Cursor
2026-03-02 11:37:34 -08:00
| R23 | Scripts: add progress indicators; add --dry-run where missing; extend config validation (IMPLEMENTATION_CHECKLIST). **Done:** `run-completable-tasks-from-anywhere.sh` has Step 1/44/4; `validate-config-files.sh`, `run-e2e-flow-tasks-full-parallel.sh`, `run-all-operator-tasks-from-lan.sh` support `--dry-run`. | Script updates |
Sync all local changes: docs, config, scripts, submodule refs, verification evidence Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-21 15:46:06 -08:00
## Token mapping (R24)
| # | Action | When |
|---|--------|------|
| R24 | Keep config/token-mapping.json as single source of truth for 138↔Mainnet; when adding tokens update token-mapping.json and optionally CHAIN138_TOKEN_ADDRESSES; see TOKEN_MAPPING_AND_MAINNET_ADDRESSES | Adding tokens |
---
**Key commands:** See [REMAINING_COMPONENTS_TASKS_AND_RECOMMENDATIONS](REMAINING_COMPONENTS_TASKS_AND_RECOMMENDATIONS.md) Part 3.
Reference in New Issue Copy Permalink