Skip to main content

Managed Production Acceptance Criteria

Owner: Anchor MSP Operations Lead Last reviewed: 2026-04-04

Purpose

Define the minimum requirements a system must meet before Anchor accepts it into managed production.

Scope

Every system being handed off from a development team (EGI or Mast) to Anchor.

Acceptance Criteria

A system must satisfy all of the following before Anchor accepts ownership:

  1. Health check endpoint. The system exposes an HTTP endpoint that returns its health status. Anchor uses this for uptime monitoring (Uptime Kuma) and liveness checks.
  2. Structured logging to stdout. Application logs are written to stdout in a structured format (JSON preferred). Anchor aggregates these via Loki.
  3. Defined resource limits. CPU and memory limits are documented and configured. Anchor monitors resource usage via Prometheus.
  4. Secrets documented. All secrets the system uses are listed, with purpose and rotation requirements. Anchor migrates these to Vault during onboarding.
  5. Backup-eligible data identified. The development team identifies which data stores need backups and classifies them (database, config, media/uploads).
  6. Monitoring hooks available. The system either exposes a Prometheus metrics endpoint or produces log patterns that Anchor can build alerts from.
  7. Deployment process documented. How to deploy the system, including any pre/post-deploy steps.
  8. Rollback procedure documented. How to roll back a failed deploy, including any data migration considerations.

What Happens If Criteria Are Not Met

The system goes back to the development team with a gap list. Anchor does not accept partial handoffs. Every item above must be satisfied before Anchor signs off on the handoff acceptance checklist.