flowardΒ·vibes
Home / 09 β€” Onboarding Checklist & SLA 2 min read

09 β€” Onboarding Checklist & SLA

Run through this before submitting your repository to the DevOps team. Your AI assistant can verify most items for you β€” ask it to.

Checklist

  • Repository follows the exact folder structure in guide 02
  • docker build -f dockerfiles/Dockerfile -t test . succeeds from the repo root (on Apple Silicon: add --platform linux/amd64)
  • Container starts using only environment variables β€” no hardcoded config
  • Image runs as a non-root user (docker run --rm test whoami β‰  root)
  • kubernetes/deployment.yaml has replicas: 2, resource requests and limits, liveness + readiness probes, and every env var from Secrets/ConfigMaps
  • kubernetes/service.yaml exists and its targetPort matches the containerPort
  • .github/workflows/ci.yml builds, pushes to ECR, and deploys to the K8s cluster on push to main; DevOps-provided placeholders are clearly marked
  • No passwords, keys, or .env files committed anywhere β€” run: git grep -iE 'password|secret|api[_-]?key|token' -- ':!*.md' ':!*.example'
  • App connects only to PostgreSQL; migrations are concurrency-safe and backwards-compatible (guide 06)
  • /healthz returns HTTP 200 when the app is running (no DB dependency); /readyz returns 200 only when ready incl. DB
  • source/README.md lists every environment variable (required?, default, source, description) plus any PostgreSQL extensions
  • App handles SIGTERM for graceful shutdown
  • App logs to stdout/stderr only

What to send the DevOps team

  1. The repository URL
  2. Your app name (used for the Secret/ConfigMap/Deployment naming β€” guide 04)
  3. The list of secrets you need created (names only; deliver values via the approved secure channel)
  4. Any required PostgreSQL extensions
  5. Expected traffic profile if unusual (helps size resources)

What DevOps does for you

Task Owner
App code, Dockerfile, ci.yml, K8s manifests, /healthz, env var docs App team
ECR repository DevOps
Kubernetes Secrets & ConfigMaps with real values DevOps
Pipeline AWS role (OIDC) + AWS_ROLE_ARN secret values DevOps
Ingress / external DNS DevOps
PostgreSQL database + extensions DevOps
First kubectl apply of your manifests DevOps

SLA

Stage Owner Commitment
Repository review DevOps Team 3 business days from submission
Deployment to environment DevOps Team 2 business days after review passes
Total end-to-end 5 business days