Verification Checklist

Pre-deploy and post-deploy verification steps for the Gatelithix Gateway.

Pre-Deploy (Local)

Run these before every deploy to verify the codebase is healthy.

1. Build + Lint + Unit Tests


make ci

Verifies: lint (0 issues), vet, all unit tests pass, coverage ≥ 60%.

2. Integration Tests (requires Docker)


docker compose up -d  # Start PostgreSQL + Redis
go test -tags=integration ./tests/integration/... -v -count=1

Runs 98 integration tests against real PostgreSQL via testcontainers. Covers all 7 PostgreSQL stores, migration rollbacks, connection failure recovery, and Pub/Sub emulator.

3. gatelithix CLI Build


go build -o bin/gatelithix ./cmd/gatelithix/ && ./bin/gatelithix --help

Verifies the debug CLI compiles and all 5 subcommands are registered (tx, webhook, connector, pubsub, db).

4. Docs Site Build


cd apps/docs && npm run build

Requires Node 22+. Verifies the Nextra site builds with all 25 pages (architecture, operations, compliance).

5. Schema Docs Generation


bash scripts/generate-schema-docs.sh

Auto-generates database schema documentation from migration SQL files. Output: apps/docs/content/architecture/database-schema.mdx.

6. Rotation Scripts Syntax Check


for f in scripts/rotate-*.sh; do bash -n "$f" && echo "OK $f"; done

Validates all 5 secret rotation scripts (db-password, hmac-key, connector-key, redis-auth, auth0-secret).

Post-Deploy (Requires GCP Access)

Run these after deploying to Cloud Run.

7. Production Health Check


make prod-status

This runs scripts/prod-status.sh and checks:

Service health — Gateway and Vault Cloud Run services are Ready
Active revisions — latest revision is serving traffic
Version check — deployed image SHA matches local HEAD
Infrastructure — Cloud SQL (core + PCI) and Redis are RUNNABLE/READY
CI/CD pipeline — latest GitHub Actions runs succeeded
Recent errors — no ERROR-level logs in the last 30 minutes

For a quick check without logs: make prod-status-quick

8. PCI Verification

Run the gcloud commands from the PCI verification page against your live GCP projects:


# View all verification commands
grep "gcloud" apps/docs/content/compliance/pci-verification.mdx

Each command verifies a specific PCI DSS 4.0.1 control (firewall rules, KMS keys, IAM bindings, audit logs).

9. Deployed E2E Test


GATEWAY_URL=https://gateway-XXXXX.run.app \
  go test -tags=e2e ./tests/e2e/... -v -count=1 -run TestDeployed

Tests full payment lifecycle (authorize → capture → refund) through the sandbox connector on deployed Cloud Run. Authenticates via seeded test API key (sk_test_e2e_*).

10. Milestone Audit

Once all checks pass:


/gsd:audit-milestone

Audits the milestone against its original intent before archiving.

Quick Reference

Step	Command	Requires
1. CI	`make ci`	Go, golangci-lint
2. Integration	`go test -tags=integration ./tests/integration/...`	Docker
3. CLI	`go build -o bin/gatelithix ./cmd/gatelithix/`	Go
4. Docs	`cd apps/docs && npm run build`	Node 22+
5. Schema	`bash scripts/generate-schema-docs.sh`	bash
6. Rotation	`for f in scripts/rotate-*.sh; do bash -n "$f"; done`	bash
7. Prod status	`make prod-status`	gcloud auth
8. PCI	gcloud commands from pci-verification.mdx	GCP auth
9. E2E	`GATEWAY_URL=... go test -tags=e2e ./tests/e2e/...`	Deployed infra