updated to include Ntfy checks
@@ -31,6 +31,34 @@ Goal: Catch missing functionality before users find it.
|
||||
- [ ] Are there any TODO/FIXME/HACK comments in the code that indicate unfinished work?
|
||||
- [ ] Does the service handle its own startup failures gracefully (exits cleanly, logs reason)?
|
||||
|
||||
### 1a. Ntfy Admin Notifications
|
||||
|
||||
Goal: Ensure the super admin is alerted to significant events without having to monitor logs manually.
|
||||
|
||||
- [ ] Is Ntfy (or equivalent push notification system) integrated into the application?
|
||||
- [ ] Are admin-relevant events triggering Ntfy notifications?
|
||||
|
||||
**If Ntfy is NOT implemented**, flag as WARN and recommend the following events for notification coverage based on what the app does:
|
||||
|
||||
| Event | Severity | Why it matters |
|
||||
|---|---|---|
|
||||
| Successful admin login | High | Detect unauthorized admin access |
|
||||
| Failed admin login (threshold reached) | High | Brute-force indicator |
|
||||
| New user registration | Medium | Visibility into who is joining |
|
||||
| User account deletion | Medium | Audit trail for removals |
|
||||
| Role/permission escalation | High | Privilege change could indicate compromise |
|
||||
| Password reset requested | Medium | Could indicate account takeover attempt |
|
||||
| Rate limit triggered | Medium | Abuse or misconfigured client |
|
||||
| API key created or revoked | High | Credential lifecycle event |
|
||||
| Service startup / crash recovery | Medium | Unexpected restarts need awareness |
|
||||
| High error rate (e.g. 5xx spike) | High | App health degrading in production |
|
||||
| Large data export initiated | Medium | Data exfiltration risk indicator |
|
||||
| Config or environment change detected | High | Unplanned changes should be visible |
|
||||
|
||||
**AI Action:** Search the codebase for Ntfy integration (look for `ntfy`, `ntfy.sh`, or HTTP POST calls to a notification endpoint). If none found, list the above recommended events as WARN items and ask the user whether to implement before go-live or defer.
|
||||
|
||||
---
|
||||
|
||||
**AI Action:** List any gaps found with file and line references. Ask the user whether to fix now or defer.
|
||||
|
||||
---
|
||||
|
||||
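Review bot: The two checkboxes under "### 1a. Ntfy Admin Notifications" only ask whether Ntfy is integrated and whether events fire; nothing checks that the notification channel itself is protected, even though the table routes admin logins, API key creation and config changes through it and the AI Action names `ntfy.sh` as a search term. On the public ntfy.sh server anyone who knows an unreserved topic name can subscribe to it, so consider adding `- [ ] Is the Ntfy topic access-controlled (auth token, or self-hosted with ACLs) rather than a guessable public topic?` and `- [ ] Do notification bodies exclude secrets (API keys, reset tokens) and unnecessary user data?`. Also, the new AI Action only covers the "If none found" case; it should say what to do when Ntfy is present but some of the High-severity events in the table are not covered, for example flag each missing event as WARN with file and line references.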