Files
AM516/capabilities/am516-delivery-prediction/docs/deployment_checklist.md

3.4 KiB

Deployment Checklist | AM516 Delivery Prediction

1. Account And Device

  • Department shared Mac is confirmed as the runtime device.
  • Device owner and reboot owner are confirmed.
  • Department email is confirmed.
  • Department ChatGPT / Codex account plan is confirmed.
  • Account ownership, password custody, and handover method are confirmed.
  • Screen lock, disk encryption, and remote management requirements are confirmed by AR51.

2. Git And Project

  • AM516_Feishu_Bot is available on the shared Mac.
  • Git remote, branch, update, and rollback mechanisms are constructed by TH8.
  • TH8 is the supporting IT department, but its project responsibility is limited to Git construction and excludes AM516 rules, functional implementation, network access, account permissions, secrets, and outbound approval.
  • Branch and update method are confirmed.
  • Mac Studio Codex has project write permission for AR51-assigned work through direct non-Feishu local entry points, including Codex automations or scheduled tasks and the required Git operations.
  • The Feishu runtime account has read-only access to the project tree except append access to records/delivery_prediction_records.md and approved non-project log storage.
  • Project edits through Feishu are prohibited without exception; AR51-authorized rule and function changes are made outside Feishu and synchronized through Git.
  • Permission checks distinguish the request entry point: Feishu requests do not inherit local Codex write permission even when Codex is the underlying executor.
  • Rollback method is confirmed.

3. Secrets

  • AR51 has approved the API-key purpose, storage, use, rotation, and revocation method in a traceable record.
  • ZEROERR_AGENT_API_KEY is configured without printing or committing it.
  • .env or local secret file is excluded by .gitignore.
  • No API key appears in Markdown, logs, Feishu output, or Git history.

4. Runtime

  • Python 3 is available.
  • The controlled script can run locally.
  • AR51 has created a trusted approval record explicitly covering outbound access to api.zeroerr-agent.com, the AM516 use case, and API-key use.
  • If that domain-and-permission record is absent, outbound access remains blocked; a general AR51 functional-test approval is not sufficient by itself.
  • Only after approval is recorded, network can reach the AR836 delivery prediction API.
  • Feishu bot bridge or local entry is configured.
  • Logs are stored outside Git or in an approved non-secret location.

5. Acceptance

  • AR51 confirms that AM516 rules, functional design, implementation, validation, iteration, network access, account permissions, secrets, and outbound approval are owned by AR51, not TH8.
  • After the approval gate is satisfied, at least one valid model + quantity query succeeds; otherwise the blocked outbound state is recorded without attempting the request.
  • Missing API key returns a structured error without leaking secrets.
  • Invalid model stops with a clear parse failure.
  • Output includes the fixed internal-candidate disclaimer.
  • Records append to records/delivery_prediction_records.md.
  • A direct AR51 task in Mac Studio Codex can modify a test project file or perform the intended Git update without being blocked by the Feishu read-only rule.
  • A Feishu request to modify a rule or other project file is refused and leaves all project files unchanged.