Release Checklist
Use this checklist before deploying a Verge Kit application to Cloudflare Workers.
Local Verification
Run the full verification suite:
npm run verifyThis runs Astro and TypeScript checks, linting, tests, and the production build.
Run npm run build separately when investigating adapter or bundling issues.
Configuration
- Confirm
wrangler.jsonccontains the production D1database_id. - Confirm non-secret production values are in
wrangler.jsoncor the named Wrangler environment. - Confirm named Wrangler environments repeat their own
varsblocks. - Confirm
.dev.varshas not been committed.
Secrets
Better Auth always needs a stable deployed secret:
npx wrangler secret put BETTER_AUTH_SECRETSet provider secrets only for the email provider the environment uses:
npx wrangler secret put RESEND_API_KEY
npx wrangler secret put MAILGUN_API_KEYFor named environments, include the environment flag:
npx wrangler secret put BETTER_AUTH_SECRET --env productionAudit configured secret names:
npx wrangler secret list
npx wrangler secret list --env productionDatabase
Apply remote D1 migrations:
npm run db:migrate:remoteIf this is the first production deploy, create a verified remote user with the
admin role:
npm run init:admin -- --remote- Confirm
EMAIL_PROVIDERmatches the deployed environment. - Confirm
EMAIL_FROMuses a verified sender/domain for the provider. - Confirm Cloudflare Email deployments have an
EMAILbinding and verified sending domain. - Confirm Resend or Mailgun deployments have the matching API key secret.
Deploy
Deploy with Wrangler or the project CI workflow:
npm run build
npx wrangler deployAfter deployment, verify login, registration, email verification, password reset, and any protected routes that changed.