Post-MVP Operator Guide

Use this page when you need to run checks, prepare credentials, or start a controlled GLD operating window.

Production remains off

The MVP roadmap is complete, but production-facing automation is still blocked. Do not add production credentials, public calendar writes, public API/RLS grants, social posting, or live AI operations unless a later approved issue explicitly changes that boundary.

Start Here

1. Check status

Confirm no open PRs, no open issue blockers, and green main CI.

2. Pick the environment

Use local or hosted-dev first. Staging requires owner-approved credentials. Production is no-go.

3. Run the smallest smoke

Start with read-only verification before write-capable hosted-dev runs.

4. Save safe evidence

Record workflow URLs, status, counts, and follow-up owners. Never paste secrets.

Common Commands

Local worker check:

cd workers/playwright-source-scanner
npm ci
npm run build
npm test
npm run lint
PYTHONDONTWRITEBYTECODE=1 python3 -B -m unittest discover scripts/tests

Docs portal check:

cd docs-portal
npm install --no-package-lock --no-audit --no-fund --no-save
npm run build

Hosted-dev verify:

gh workflow run gld-hosted-dev-smoke.yml \
  --repo vitalychernobyl/00-MobilisArchitectureInfo \
  -f mode=verify

Hosted-dev write smoke:

gh workflow run gld-hosted-dev-smoke.yml \
  --repo vitalychernobyl/00-MobilisArchitectureInfo \
  -f mode=write_smoke \
  -f write_confirmation=I_UNDERSTAND_THIS_WRITES_TO_HOSTED_DEV \
  -f approval_issue_number=179 \
  -f approval_comment_url="https://github.com/vitalychernobyl/00-MobilisArchitectureInfo/issues/179#issuecomment-APPROVAL_COMMENT_ID"

Write-capable hosted-dev modes also require an owner-authored issue comment containing APPROVE_GLD_HOSTED_DEV_WRITE, the repository, workflow, mode, and an unexpired UTC date.

Cloud source ingest dry-run:

gh workflow run gld-cloud-source-ingest.yml \
  --repo vitalychernobyl/00-MobilisArchitectureInfo \
  -f mode=dry_run \
  -f market="Washington DC" \
  -f limit=5

Credential Map

Need	Put it here	Notes
Hosted-dev Supabase URL	GitHub Environment gld-hosted-dev: GLD_HOSTED_DEV_SUPABASE_URL	Disposable hosted-dev only.
Hosted-dev Supabase server key	GLD_HOSTED_DEV_SUPABASE_SERVICE_ROLE_KEY	Secret. Never expose publicly.
Hosted-dev database URL	GLD_HOSTED_DEV_DATABASE_URL	Percent-encode database password characters.
Source tracker URL	GLD_SOURCE_TRACKER_WORKBOOK_URL	Private or revocable workbook link.
Twilio WhatsApp ingest	GLD_HOSTED_DEV_WHATSAPP_INGEST_URL	Also used as Twilio sandbox inbound webhook URL.
Twilio auth token	GLD_HOSTED_DEV_TWILIO_AUTH_TOKEN	Secret from Twilio Console.
Phone hash pepper	GLD_HOSTED_DEV_WHATSAPP_PHONE_HASH_PEPPER	Generate a dev-only random value.
OpenAI dev key	Ignored local env only: OPENAI_API_KEY	Hosted-dev workflows intentionally blank it.
TEC staging app password	Future gld-staging-publishing environment	Staging-only draft tests, no production writes.

Official setup links:

• Supabase API keys
• GitHub environments
• GitHub Actions secrets
• Twilio WhatsApp quickstart
• OpenAI API keys
• WordPress REST API authentication

What To Save

Save:

• workflow URL;
• commit SHA;
• run mode and market;
• artifact names;
• non-secret source, candidate, and package counts;
• follow-up issue links.

Do not save:

• secret values;
• service-role keys;
• database URLs;
• Twilio auth tokens;
• OpenAI keys;
• private workbook URLs;
• raw phone numbers;
• private screenshots.

Detailed Guides

• Full post-MVP operator guide
• Smoke test and credential checklist
• GLD production readiness gap analysis