> ## Documentation Index
> Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Post-CI operator checklist (secrets, prod, dev)

> Complete these on your machine / in Dashboards after GitHub Actions can link projects (secrets already in GitHub).

Complete these on your machine / in Dashboards after GitHub Actions can link projects (secrets already in GitHub).

## 1. Edge Function secrets on Prod (`srcaoozjkrughebmbvfb`)

1. Copy edge-function-secrets.example.env to **`.env.production.functions`** (gitignored).
2. Fill values from **Dev** Dashboard → Edge Functions → Secrets; rotate any key that must not be shared with Prod.
3. Verify locally (optional):

```powershell theme={null}
npm run supabase:verify:production-functions-env
```

4. Run:

```powershell theme={null}
npx supabase login   # if needed
npx supabase link --project-ref srcaoozjkrughebmbvfb --password "<prod-db-password>" --yes
npx supabase secrets set --env-file .env.production.functions
```

## 2. Cron jobs, storage buckets, vault (Prod)

1. Run [dev-cron-storage-queries.sql](./dev-cron-storage-queries.sql) on **Dev** SQL Editor; paste results into [dev-cron-storage.txt](./dev-cron-storage.txt).
2. In **Prod** Dashboard: create matching **Storage** buckets; run **SQL** for `cron.schedule(...)` lines; add **Vault** secrets referenced by cron.

## 3. Seed parity smoke test

```powershell theme={null}
$env:SUPABASE_PROD_DB_URL = "<prod session pooler URI>"
$env:SUPABASE_DEV_DB_URL  = "<optional: dev session pooler URI>"
npm run check:prod-seed-parity
```

## 4. Unblock CI

* **Prod `db push`:** If CI fails with `type ... already exists`, reset the Prod database (Dashboard) once, then re-run **Deploy Supabase (production)**.
* **Dev `db push`:** If CI fails on migration history, follow [DEV\_MIGRATION\_REPAIR\_REQUIRED.md](./DEV_MIGRATION_REPAIR_REQUIRED.md).