Skip to content

Commit d7418db

Browse files
committed
Merge remote docs reorganization with new consolidated COMPILER_ARCHITECTURE.md
2 parents 5ba11aa + bbbbc19 commit d7418db

File tree

343 files changed

+30264
-45075
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

343 files changed

+30264
-45075
lines changed

.github/workflows/deploy-pages.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,11 @@ jobs:
3434
- name: Build WASM
3535
run: wasm-pack build --target web --out-dir web/pkg --no-default-features --features wasm
3636

37+
- name: Create build info
38+
run: |
39+
echo "{\"commit\":\"${GITHUB_SHA:0:7}\",\"timestamp\":\"$(date -u +%Y-%m-%dT%H:%M:%SZ)\"}" > web/buildinfo.json
40+
cat web/buildinfo.json
41+
3742
- name: Setup Pages
3843
uses: actions/configure-pages@v4
3944

.gitignore

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,3 +19,23 @@ build.out
1919
# WASM build output
2020
pkg/
2121
web/pkg/
22+
23+
# Private AWS configuration
24+
.aws-config
25+
.aws-infrastructure
26+
27+
# CDK Infrastructure
28+
infrastructure/node_modules/
29+
infrastructure/cdk.out/
30+
infrastructure/.env
31+
infrastructure/*.js
32+
!infrastructure/lib/*.js
33+
!infrastructure/bin/*.js
34+
infrastructure/**/*.d.ts
35+
infrastructure/**/*.js.map
36+
infrastructure/lambda/**/target/
37+
infrastructure/lambda/**/*.lock
38+
39+
# Frontend build artifacts
40+
frontend/node_modules/
41+
frontend/.parcel-cache/

CLAUDE.md

Lines changed: 91 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -76,20 +76,35 @@ When the user says "Engage!", you should automatically:
7676
4. **Push the tag to trigger CI:**
7777
- `git push origin vX.Y.Z`
7878
- GitHub Actions will automatically build all binary assets and create a DRAFT release
79-
5. **Wait for CI completion:**
79+
5. **Deploy to staging:**
80+
- Run `./infrastructure/scripts/deploy-frontend.sh staging`
81+
- This auto-deploys with visible watermark showing commit hash + timestamp
82+
- Verify staging deployment at https://staging.gruesome.skeptomai.com
83+
- Check that watermark displays correctly in browser (bottom-right corner)
84+
6. **Wait for CI completion:**
8085
- Monitor CI builds to ensure all assets are created
8186
- Verify draft release has all binary assets
82-
6. **Publish the release:**
87+
7. **Publish the release:**
8388
- Use `gh release edit vX.Y.Z --title "vX.Y.Z: <title>" --notes "<release notes>" --draft=false`
8489
- Include comprehensive changelog of significant changes
8590
- This moves the release from DRAFT to published (Latest)
86-
7. **Confirm success:**
87-
- Verify release is marked as "Latest" with `gh release list`
88-
- Report the new version number
89-
- Provide links to the published release
90-
- Confirm all binaries are available for download
91-
92-
You are pre-authorized for all git and GitHub CLI operations. Execute the entire workflow without asking for permission.
91+
8. **Ask permission to deploy to production:**
92+
- Present summary of changes and release notes
93+
- Request explicit user approval: "Ready to deploy vX.Y.Z to production?"
94+
- Wait for user confirmation before proceeding
95+
9. **Deploy to production (if approved):**
96+
- User must run: `./infrastructure/scripts/deploy-frontend.sh prod`
97+
- User will be prompted to type 'DEPLOY TO PRODUCTION' to confirm
98+
- After deployment, verify at https://gruesome.skeptomai.com
99+
- Check that watermark shows release version (e.g., "v2.16.2")
100+
10. **Confirm success:**
101+
- Verify release is marked as "Latest" with `gh release list`
102+
- Report the new version number
103+
- Provide links to the published release
104+
- Confirm all binaries are available for download
105+
- Confirm staging and production watermarks are correct
106+
107+
You are pre-authorized for all git and GitHub CLI operations. For production deployment, you MUST ask the user to run the deployment command manually due to the interactive safety prompt.
93108

94109
## Re-Release Instructions ("Reengage!")
95110

@@ -127,6 +142,73 @@ You are pre-authorized for all operations. Execute without asking for permission
127142

128143
Safe operations only: `git add`, `git commit`, `git push`, `git checkout`, `git stash`, `git revert`
129144

145+
## CRITICAL: DEPLOYMENT SAFETY RULES
146+
147+
**NEVER deploy to production without explicit permission and verification.**
148+
149+
### Rule 1: Always Test Deployments Before Reporting Success
150+
151+
**NEVER claim a deployment was successful without testing it.**
152+
153+
When deploying code changes:
154+
1. ✅ Deploy the code
155+
2.**TEST the deployed functionality** (API calls, health checks, etc.)
156+
3.**VERIFY the changes are actually working**
157+
4. ✅ Check logs for errors
158+
5.**ONLY THEN** report success to the user
159+
160+
**Examples of what NOT to do:**
161+
- ❌ "Deployment complete!" (without testing)
162+
- ❌ "Updated Lambda function" (without verifying it works)
163+
- ❌ "Should be working now" (without confirming)
164+
- ❌ Assuming deployment worked based on AWS response alone
165+
166+
**Correct approach:**
167+
- ✅ "Deployed to staging. Testing..." → run actual tests → "Verified working: [test results]"
168+
- ✅ "Lambda updated. Checking API..." → curl endpoint → "API returning correct data: [sample]"
169+
170+
**Rationale**: The 2025-12-20 incident where I deployed OLD code to production because I didn't verify the bootstrap.zip was actually rebuilt. User discovered the issue, not me. This is unacceptable.
171+
172+
### Rule 2: Never Deploy to Production Without Permission
173+
174+
**Production deployments REQUIRE explicit user permission.**
175+
176+
**Deployment workflow (MANDATORY):**
177+
1. ✅ Make code changes
178+
2. ✅ Deploy to **STAGING** first
179+
3.**TEST staging thoroughly**
180+
4.**ASK USER** for permission to deploy to production
181+
5. ✅ Wait for explicit approval
182+
6. ✅ Deploy to production
183+
7.**TEST production** to verify
184+
8. ✅ Report verified success
185+
186+
**NEVER:**
187+
- ❌ Deploy to production without asking
188+
- ❌ Deploy to production before testing staging
189+
- ❌ Deploy to production "because it worked in staging"
190+
- ❌ Assume production deployment is authorized
191+
192+
**The ONLY exception**: If user explicitly says "deploy to both staging and production" or similar.
193+
194+
**Rationale**: The 2025-12-20 incident where I deployed to production at 00:20:01 without permission. User discovered this only when they said "look things over again before we deploy to production" - but I had already deployed. This violated user's trust and control over their production environment.
195+
196+
**Technical Safeguard**: The `deploy-frontend.sh` script now requires manual confirmation for production deployments. When deploying to production, the script prompts:
197+
```
198+
⚠️ WARNING: You are about to deploy to PRODUCTION ⚠️
199+
Type 'DEPLOY TO PRODUCTION' to continue:
200+
```
201+
202+
This interactive prompt **cannot be bypassed by Claude** - production deployments now require the user to run the command manually. Staging deployments proceed without prompting.
203+
204+
**As Claude**: I cannot deploy to production via `deploy-frontend.sh prod` because I cannot provide interactive input. I can only deploy to staging. For production, I must ask the user to run the deployment command themselves.
205+
206+
### Deployment Documentation
207+
208+
See `infrastructure/LAMBDA_DEPLOYMENT.md` for complete Lambda deployment procedures.
209+
See `infrastructure/QUICK_LAMBDA_DEPLOY.md` for quick reference.
210+
Use `infrastructure/scripts/deploy-lambda.sh` for automated, verified deployments.
211+
130212
## Compiler Debugging Tools
131213

132214
**IR Inspection**: Use `--print-ir` flag to print intermediate representation:

Cargo.lock

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Cargo.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[package]
22
name = "gruesome"
3-
version = "2.15.0"
3+
version = "2.16.2"
44
edition = "2021"
55

66
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

DEVELOPMENT.md

Lines changed: 179 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,179 @@
1+
# Development Workflow
2+
3+
## Local Development
4+
5+
### Setup
6+
7+
1. **Install dependencies:**
8+
```bash
9+
cd frontend
10+
npm install
11+
```
12+
13+
2. **Choose your API mode:**
14+
- **Production API** (default): Test against real backend at api.gruesome.skeptomai.com
15+
- **Mock API**: Test without backend (local mock server)
16+
17+
### Running Locally
18+
19+
#### Option A: Test with Production API (Recommended)
20+
21+
```bash
22+
cd frontend
23+
npm run dev
24+
```
25+
26+
Then open http://localhost:3000
27+
28+
This uses the real production API. You can create test accounts and they'll be stored in production Cognito.
29+
30+
#### Option B: Test with Mock API
31+
32+
Terminal 1 - Start mock API server:
33+
```bash
34+
cd frontend
35+
node mock-api.js
36+
```
37+
38+
Terminal 2 - Start frontend with mock mode:
39+
```bash
40+
cd frontend
41+
# Edit dev-config.js and set apiMode: 'mock'
42+
npm run dev
43+
```
44+
45+
**Mock API credentials:**
46+
- Username: `testuser`
47+
- Password: `TestPassword123`
48+
- Password reset code: `123456`
49+
50+
### Live Reload
51+
52+
Browser-sync automatically reloads when you edit HTML, CSS, or JS files. Just save and the browser refreshes!
53+
54+
### Testing Checklist Before Deploy
55+
56+
Before deploying to staging or production, test locally:
57+
58+
- [ ] Login form works (shows username + password)
59+
- [ ] Signup form works (shows email + username + password)
60+
- [ ] Forgot password works (shows username only)
61+
- [ ] Password reset confirmation works (shows username + code + new password)
62+
- [ ] Toggle links switch modes correctly
63+
- [ ] "Back to Login" returns to login mode from reset modes
64+
- [ ] No browser console errors
65+
- [ ] Form validation works (can't submit empty fields)
66+
- [ ] Form validation errors don't appear for hidden fields
67+
68+
## Staging Environment
69+
70+
### Purpose
71+
72+
Staging is a complete replica of production for testing changes before deploying to users.
73+
74+
- **URL**: https://staging.gruesome.skeptomai.com
75+
- **API**: https://api-staging.gruesome.skeptomai.com
76+
- **Separate**: Own Cognito, DynamoDB, S3 buckets
77+
78+
### Deploy to Staging
79+
80+
**Frontend only:**
81+
```bash
82+
cd infrastructure
83+
./scripts/deploy-frontend.sh staging
84+
```
85+
86+
**Full stack (infrastructure + backend + frontend):**
87+
```bash
88+
cd infrastructure
89+
npx cdk deploy --all --app "npx ts-node bin/gruesome-platform-staging.ts"
90+
```
91+
92+
**Backend Lambda only:**
93+
```bash
94+
cd infrastructure/lambda/gruesome-api
95+
cargo lambda build --release --arm64 --package auth
96+
cd ../../
97+
npx cdk deploy GruesomeBackendStackStaging --app "npx ts-node bin/gruesome-platform-staging.ts"
98+
```
99+
100+
### Testing on Staging
101+
102+
1. Visit https://staging.gruesome.skeptomai.com
103+
2. Create a test account (separate from production)
104+
3. Test all functionality:
105+
- Login/Signup/Password Reset
106+
- Game loading
107+
- Save/Load
108+
4. Check CloudWatch logs for errors
109+
5. If everything works, deploy to production
110+
111+
## Production Deployment
112+
113+
### Frontend Only (Quick Updates)
114+
115+
```bash
116+
cd infrastructure
117+
./scripts/deploy-frontend.sh prod
118+
```
119+
120+
### Full Stack
121+
122+
```bash
123+
cd infrastructure
124+
npx cdk deploy --all
125+
```
126+
127+
### Backend Lambda Only
128+
129+
```bash
130+
cd infrastructure/lambda/gruesome-api
131+
cargo lambda build --release --arm64 --package auth
132+
cd ../../
133+
npx cdk deploy GruesomeBackendStack
134+
```
135+
136+
## Workflow Summary
137+
138+
```
139+
Local Dev (localhost:3000)
140+
↓ Test & Verify
141+
Staging (staging.gruesome.skeptomai.com)
142+
↓ Test & Verify
143+
Production (gruesome.skeptomai.com)
144+
```
145+
146+
**Never skip staging!** Always test on staging before production.
147+
148+
## Common Issues
149+
150+
### "Required field" errors on hidden inputs
151+
152+
Make sure HTML inputs don't have hardcoded `required` attributes. JavaScript manages `required` dynamically.
153+
154+
### CORS errors in local dev
155+
156+
If using production API locally, make sure CORS is configured to allow `http://localhost:3000`.
157+
158+
### CloudFront cache issues
159+
160+
After deploying, wait 1-3 minutes for CloudFront invalidation. Use hard refresh (Cmd+Shift+R).
161+
162+
### Mock API not working
163+
164+
Make sure mock-api.js is running on port 3001 and dev-config.js has `apiMode: 'mock'`.
165+
166+
## Architecture
167+
168+
```
169+
Local: localhost:3000 → Production API (or Mock API on :3001)
170+
Staging: staging.gruesome.skeptomai.com → api-staging.gruesome.skeptomai.com
171+
Production: gruesome.skeptomai.com → api.gruesome.skeptomai.com
172+
```
173+
174+
Each environment is completely isolated with separate:
175+
- Cognito User Pools
176+
- DynamoDB tables
177+
- S3 buckets
178+
- Lambda functions
179+
- CloudFront distributions

0 commit comments

Comments
 (0)