notes
notes copied to clipboard
Published
20 hours ago •
theodorosploumis
theodorosploumis
Online service: Checklist of actions (eg security updates) for distributed teams
- Backups (create, restore, more often backups, remote access from cli)
- Composer commands
- Git commands
- Drush commands
- CI/CD: Do not deploy code if a fatal error occurs
- PHP testing (pipelines etc)
- UI testing (automated, eg e2e testing with Cypress for A11y, Design, usage etc)
- UAT (by humans with scenarios, eg RA from Acquia)
- Uptime monitoring (external, eg uptimerobot, New Relic)
- Support tickets templates, required emails etc
- SMS and email alerts for PHP fatal errors
- If a fatal PHP error occurs the customer should follow "these steps" (eg call us on the phone and then contact the hosting provider)
- High emergency steps (how to rollback from the UI)
Related pages:
- https://github.com/theodorosploumis/notes/blob/master/drupal/security-updates.md
- https://github.com/theodorosploumis/notes/blob/master/drupal/script-get-prod-config.md
- https://github.com/theodorosploumis/notes/blob/master/drupal/deployment-workflow.md
- https://github.com/theodorosploumis/notes/blob/master/drupal/testing/README.md
- https://github.com/theodorosploumis/notes/blob/master/drupal/contract.md
A shared single page where each part (Developer, PM, Site owner) should check the related task from a Security Updates checklist. Any part can see the progress of a Security update and there is a common action log for reference.
- Calendar and schedule
- Action log
- Predefined lists
- Password protected (user accounts, groups)
- Permissions per action (who can check a list item)
- Reports
- Email alerts
- Real time alerts on browser (push notifications)
- SMS alerts
- API
- Export data
- White label software
- Teams and roles