Deployment Checklist
Complete checklist for deploying the backend system to production or staging environments.
Pre-Deployment
1. Environment Configuration
- Set
NODE_ENVtoproductionorstaging - Configure
FUNCTION_REGION(default:us-central1) - Set allowed origins in CORS configuration
- Configure frontend URL for OAuth callbacks
2. Firebase Project Setup
- Create Firebase project in Google Cloud Console
- Enable Billing (required for Cloud Functions 2nd gen)
- Upgrade to Blaze plan
- Note project ID for configuration
3. Firebase Services
Authentication:
- Enable Email/Password authentication
- Configure authorized domains for OAuth redirects
- Set up custom domain (optional)
Firestore:
- Create Firestore database (default or named)
- Choose region (must match Cloud Functions region)
- Deploy security rules:
firebase deploy --only firestore:rules - Deploy composite indexes:
firebase deploy --only firestore:indexes - Verify indexes are building (can take 5-10 minutes)
Cloud Storage:
- Create default storage bucket or custom bucket
- Configure CORS for media access
- Deploy storage rules:
firebase deploy --only storage
4. Cloud Tasks Queues
Create required queues in the same region as Cloud Functions:
REGION=us-central1
PROJECT_ID=your-project-id
# Orchestrator queue
gcloud tasks queues create orchestrate-posts \
--location="$REGION" \
--project="$PROJECT_ID"
# Platform publish queues (create all that you need)
gcloud tasks queues create publish-facebook --location="$REGION" --project="$PROJECT_ID"
gcloud tasks queues create publish-instagram --location="$REGION" --project="$PROJECT_ID"
gcloud tasks queues create publish-threads --location="$REGION" --project="$PROJECT_ID"
gcloud tasks queues create publish-x --location="$REGION" --project="$PROJECT_ID"
gcloud tasks queues create publish-tiktok --location="$REGION" --project="$PROJECT_ID"
gcloud tasks queues create publish-youtube --location="$REGION" --project="$PROJECT_ID"
gcloud tasks queues create publish-linkedin --location="$REGION" --project="$PROJECT_ID"
# Optional repost queues
gcloud tasks queues create repost-instagram --location="$REGION" --project="$PROJECT_ID"
gcloud tasks queues create repost-youtube --location="$REGION" --project="$PROJECT_ID"
Verify queues:
gcloud tasks queues list --location="$REGION"
5. Platform Integration Credentials
Configure OAuth credentials for each platform integration.
Facebook:
- Create Facebook App at https://developers.facebook.com
- Add Facebook Login product
- Configure OAuth redirect URI
- Enable required permissions:
public_profile,email,pages_show_list,pages_manage_posts - Set environment variables:
FACEBOOK_APP_ID,FACEBOOK_APP_SECRET,FACEBOOK_CALLBACK_URL
Instagram:
- Use Facebook App (Instagram integration)
- Add Instagram Basic Display product
- Configure OAuth redirect URI
- Set scopes:
instagram_business_basic,instagram_business_content_publish - Set environment variables:
INSTAGRAM_APP_ID,INSTAGRAM_APP_SECRET,INSTAGRAM_CALLBACK_URL
Threads:
- Create Threads App at https://developers.facebook.com
- Configure OAuth redirect URI
- Set scopes:
threads_basic,threads_content_publish - Set environment variables:
THREADS_CLIENT_ID,THREADS_CLIENT_SECRET,THREADS_CALLBACK_URL
X (Twitter):
- Create X App at https://developer.x.com
- Enable OAuth 2.0 with PKCE
- Configure OAuth redirect URI
- Set scopes:
tweet.read,tweet.write,users.read,offline.access - Set environment variables:
X_CLIENT_ID,X_CLIENT_SECRET(optional),X_CALLBACK_URL - For media upload: Enable OAuth 1.0a, set
X_CONSUMER_KEY,X_CONSUMER_SECRET,X_OAUTH1_CALLBACK_URL
TikTok:
- Create TikTok App at https://developers.tiktok.com
- Configure OAuth redirect URI (no trailing slash, no query params)
- Set scopes:
user.info.basic,user.info.profile,video.list,video.upload - Set environment variables:
TIKTOK_CLIENT_KEY,TIKTOK_CLIENT_SECRET,TIKTOK_CALLBACK_URL
YouTube:
- Create Google Cloud Project
- Enable YouTube Data API v3
- Create OAuth 2.0 credentials
- Configure authorized redirect URIs
- Set scopes:
https://www.googleapis.com/auth/youtube,youtube.upload - Set environment variables:
YOUTUBE_CLIENT_ID,YOUTUBE_CLIENT_SECRET,YOUTUBE_CALLBACK_URL
LinkedIn:
- Create LinkedIn App at https://www.linkedin.com/developers
- Configure OAuth redirect URI
- Set scopes:
w_member_social,openid,profile - Set environment variables:
LINKEDIN_CLIENT_ID,LINKEDIN_CLIENT_SECRET,LINKEDIN_CALLBACK_URL
6. Stripe Integration (Subscriptions)
- Create Stripe account
- Get API keys (publishable and secret)
- Create subscription products and prices
- Configure webhook endpoint:
https://YOUR_FUNCTION_URL/stripeWebhook - Add webhook events:
checkout.session.completed,invoice.payment_succeeded,customer.subscription.deleted - Set environment variables:
STRIPE_SECRET_KEY,STRIPE_WEBHOOK_SECRET - Test webhook delivery in Stripe dashboard
7. OpenAI Integration (AI Features)
- Create OpenAI account
- Generate API key
- Set credit limits/budgets
- Set environment variable:
OPENAI_API_KEY - Test API access
8. Environment Variables
Set all required environment variables in Firebase Functions config:
# Firebase Functions v2 environment variables
firebase functions:config:set \
stripe.secret_key="sk_..." \
stripe.webhook_secret="whsec_..." \
openai.api_key="sk-..." \
facebook.app_id="..." \
facebook.app_secret="..." \
# ... (all platform credentials)
Or use .env file approach with Functions v2 (recommended):
# .env file in functions directory
STRIPE_SECRET_KEY=sk_...
STRIPE_WEBHOOK_SECRET=whsec_...
OPENAI_API_KEY=sk-...
FACEBOOK_APP_ID=...
FACEBOOK_APP_SECRET=...
# ... (all platform credentials)
Deployment
1. Install Dependencies
cd apps/functions
pnpm install
2. Build (if applicable)
# If using TypeScript or build step
pnpm run build
3. Deploy Cloud Functions
Deploy all functions:
firebase deploy --only functions
Deploy specific functions (faster for updates):
# Deploy API function only
firebase deploy --only functions:api
# Deploy specific platform
firebase deploy --only functions:publishInstagram
# Deploy multiple
firebase deploy --only functions:api,functions:publishInstagram,functions:publishThreads
Monitor deployment:
# Watch deployment progress
firebase deploy --only functions --debug
# View function logs
firebase functions:log
4. Verify Deployment
- Check functions are deployed:
firebase functions:list - Verify function URLs are accessible
- Test API health check:
curl https://YOUR_API_URL/health - Check function logs for errors:
firebase functions:log
5. Deploy Firestore Rules & Indexes
# Deploy security rules
firebase deploy --only firestore:rules
# Deploy composite indexes
firebase deploy --only firestore:indexes
# Verify indexes are building
firebase firestore:indexes
Wait for indexes to complete (5-10 minutes for first deployment).
6. Deploy Storage Rules
firebase deploy --only storage
Post-Deployment
1. Smoke Tests
Test API endpoints:
# Health check
curl https://YOUR_API_URL/health
# Test authentication (should return 401)
curl -X POST https://YOUR_API_URL/v1/posts
# Test with API key
curl -X POST https://YOUR_API_URL/v1/posts \
-H "X-API-Key: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"post":{"content":{"text":"test"},"platforms":["threads"]}}'
Test OAuth flows:
- Test Facebook OAuth connection
- Test Instagram OAuth connection
- Test Threads OAuth connection
- Test X OAuth connection
- Test TikTok OAuth connection
- Test YouTube OAuth connection
- Test LinkedIn OAuth connection
Test publishing:
- Test post submission to single platform
- Test multi-platform post
- Test scheduled post
- Test post with media
Test AI features:
- Test audio transcription
- Verify credit deduction
Test Stripe:
- Test subscription checkout
- Test webhook delivery
- Verify credit grants on subscription
2. Monitoring Setup
Enable Cloud Monitoring:
- Set up uptime checks for API endpoint
- Configure alerting policies for errors
- Set up log-based metrics
Firestore monitoring:
- Monitor document read/write usage
- Set up budget alerts
- Monitor index performance
Function monitoring:
- Monitor function invocations
- Monitor function execution time
- Monitor function errors
- Set up alerting for high error rates
3. Performance Tuning
Cloud Functions:
- Review function memory allocation (512MB default)
- Review function timeout (60s default, 540s max)
- Review function concurrency limits
- Enable function minimum instances for hot start (optional, costs more)
Cloud Tasks:
- Configure queue rate limits based on platform API limits
- Set max concurrent dispatches per queue
- Configure retry parameters
Example:
gcloud tasks queues update publish-x \
--location="us-central1" \
--max-dispatches-per-second=10 \
--max-concurrent-dispatches=5 \
--max-attempts=5 \
--min-backoff=10s \
--max-backoff=600s
4. Security Hardening
- Review Firestore Security Rules for data access
- Review Storage Security Rules for media access
- Enable App Check for client requests (optional)
- Configure IAM roles for service accounts
- Restrict function invocation to authenticated requests only (if needed)
- Enable VPC Service Controls (enterprise)
5. Backup & Disaster Recovery
Firestore backups:
# Schedule daily exports
gcloud firestore export gs://YOUR_BACKUP_BUCKET
# Set up automated scheduled exports (Cloud Scheduler)
gcloud scheduler jobs create app-engine \
firestore-backup \
--schedule="0 2 * * *" \
--relative-url="/admin/backup" \
--http-method=POST
Function code backup:
- Ensure all code is in version control (Git)
- Tag releases for rollback capability
- Document deployment procedures
6. Documentation
- Document all environment variables
- Document all platform OAuth app IDs
- Document deployment procedures for team
- Create runbook for common issues
- Document rollback procedures
Rollback Procedures
Rolling Back Functions
# List previous versions
gcloud functions list --gen2 --region=us-central1
# Rollback specific function to previous version
gcloud functions deploy api \
--gen2 \
--region=us-central1 \
--source=./previous-version \
--entry-point=api
Or use Firebase:
# Firebase automatically keeps previous versions
# Rollback by redeploying previous code from git
git checkout PREVIOUS_TAG
firebase deploy --only functions:api
Rolling Back Firestore Rules
# View rule history in Firebase Console
# Manually restore previous version from console
# Or keep versioned rules in git
git checkout PREVIOUS_TAG
firebase deploy --only firestore:rules
Troubleshooting
Functions Not Deploying
- Check billing is enabled
- Verify project quota limits
- Check function size is less than 100MB
- Review deployment logs:
firebase deploy --only functions --debug
Functions Timing Out
- Increase function timeout in
firebase.json - Check for infinite loops or blocking code
- Review function logs for slow operations
Firestore Permission Denied
- Review Firestore Security Rules
- Check user authentication status
- Verify indexes are built
Cloud Tasks Not Dispatching
- Verify queues exist:
gcloud tasks queues list - Check queue is not paused
- Review function logs for enqueue errors
- Verify function URLs are accessible
Platform OAuth Failures
- Verify redirect URIs match exactly
- Check app is not in development mode (test users only)
- Verify scopes are approved by platform
- Check callback URLs are https (not http)
Staging Environment
Maintain a separate staging environment for testing:
- Create separate Firebase project for staging
- Use separate platform OAuth apps with staging redirect URIs
- Use Stripe test mode keys
- Deploy to staging first, test, then promote to production
- Use separate Cloud Tasks queues for staging
Production Checklist
Before going live:
- All smoke tests passing
- Monitoring and alerting configured
- Backup procedures in place
- Team trained on deployment procedures
- Rollback procedures documented and tested
- On-call rotation established
- Incident response plan documented
- Performance baselines established
- Load testing completed
- Security audit completed