# Phase 7: Deployer & Health Checker **Status:** ✅ Complete **Parent plan:** [PLAN.md](./PLAN.md) **Domain:** backend ## Objective Implement the core deployment orchestrator: pull → start container → configure NPM proxy → health check → success/rollback. Plus multi-instance support and notifications. ## Tasks - [x] Task 1: Define deployer service struct — depends on Docker client, NPM client, store, notifier - [x] Task 2: Implement deploy flow: pull image → create container → start → connect to network → configure proxy → health check - [x] Task 3: Implement subdomain generation per convention: `stage-{stage}-{project}` for default, `stage-{stage}-{project}-{tag}` for specific - [x] Task 4: Sanitize tags for DNS (dots → dashes, lowercase, truncate) - [x] Task 5: Implement health checker — HTTP GET to `http://container:{port}{healthcheck_path}` with retries and timeout - [x] Task 6: Implement rollback on health check failure — remove new container, delete NPM proxy host, update instance status - [x] Task 7: Implement multi-instance support — multiple tags of same project/stage can run simultaneously - [x] Task 8: Implement max_instances enforcement — remove oldest instance when limit reached - [x] Task 9: Implement notification webhook — POST to configured URL on deploy success/failure - [x] Task 10: Create deploy history records in store (status, timestamps, logs) - [x] Task 11: Implement deploy log streaming — append log entries during deploy for real-time visibility ## Files to Modify/Create - `internal/deployer/deployer.go` — main deploy orchestrator - `internal/deployer/subdomain.go` — subdomain generation and DNS sanitization - `internal/deployer/rollback.go` — rollback logic - `internal/health/checker.go` — HTTP health checker with retries - `internal/notify/notifier.go` — webhook notification sender ## Acceptance Criteria - Full deploy flow works end-to-end (pull → proxy → health check) - Failed health checks trigger automatic rollback - Multi-instance: deploying a new tag doesn't stop existing instances - max_instances removes oldest instance when exceeded - Notifications fire on success and failure - Deploy history is recorded with status and timestamps ## Notes - Health check: 3 retries, 5s between retries, 10s timeout per attempt (configurable later) - Subdomain pattern comes from global settings - Notifications are fire-and-forget (don't block deploy on notification failure) - Deploy logs should be structured entries (timestamp + message) for SSE streaming later - The deployer is the central orchestrator — webhook handler and poller both call into it ## Review Checklist - [ ] All tasks completed - [ ] Rollback cleans up ALL resources (container, proxy, instance record) - [ ] No goroutine leaks - [ ] Error handling at every step of the deploy flow - [ ] Subdomain generation produces valid DNS names ## Handoff to Next Phase