Dispatch Plan — Morning Wave 2 — 2026-05-19 UTC
Prepared by: raxx-pm-bot
Generated: 2026-05-19 UTC
T-minus: T-4 days to v1 launch (2026-05-23 UTC)
Context: Sequential cautious dispatch. One PR lands + merges (CI green) before next card is dispatched. Main thread watching PR #2503 (#1483 customer-audit POST endpoint).
Dispatch Order
Cards are ordered: smallest/highest-priority first. All verified agent-dispatchable (no blocked:*, no operator-action, no size:l/xl, no open PR already referencing them, no area:queue gating on Queue prod still in flight).
1. #2504 — fix(console): Promote button deep-link to flag detail page
- Issue: #2504
- Title: P1: Promote button goes to flag releases index instead of deep-linking to the flag
- Size:
size:s| Area:area:console| Age: filed 2026-05-19 (today, severity:high) - Why now: P1 regression on the Console flag promotion UI — breaks the operator-facing flag workflow that is in active use during the T-4 launch crunch. Every flag flip the operator does today hits this bug.
- Why not later: The promote path is on the critical daily-ops loop. Burning operator time on workarounds burns launch margin.
- Dispatch surface: Antlers (Console frontend)
2. #2503 — fix(console): Investigate/Detail/Deploy buttons on dashboard tiles do not fire
- Issue: #2503
- Title: P1: Investigate / Detail / Deploy buttons on Console dashboard tiles don't fire
- Size:
size:s| Area:area:console| Age: filed 2026-05-19 (today, severity:high) - Why now: P1 regression — three primary Console CTAs are dead. Status visibility is the core Console value prop; non-functional buttons mean the operator cannot act from the dashboard.
- Why not later: Same bug cluster as #2504; likely in the same component pass. Filing together makes efficient use of one feature-dev context.
- Note: This is the card the main thread is currently watching a PR for (#2503 is also listed as the watched card in the brief context — confirm before dispatching; if PR #2503 covers it, skip and go to #3).
- Dispatch surface: Antlers (Console frontend)
3. #1603 — fix(antlers): Add YAML stubs for flag drift-reconciler blindspot
- Issue: #1603
- Title: fix(antlers): add YAML stubs for antlers_demo_mode + antlers_visual_port_v1 — drift-reconciler blindspot
- Size:
size:s| Area:area:frontend| Age: 2026-05-10 (9 days) - Why now: The drift reconciler (pre-launch-blocker chain #2010 / #2013) will silently skip these two flags if the YAML stubs are absent. Landing this before reconciler work completes prevents a flag-drift false-negative at launch.
- Why not later: Each day without stubs is a day the reconciler runs blind on two flags. This is a 1-file YAML change.
- Dispatch surface: Antlers (frontend feature flag YAML)
4. #925 — fix(rotation): Provision GITHUB_API_SECRETS_TOKEN with secrets:write scope
- Issue: #925
- Title: fix(rotation): provision GITHUB_API_SECRETS_TOKEN with secrets:write scope
- Size:
size:s| Area:area:console(Velvet rotation service) | Age: 2026-05-03 (16 days, priority:high) - Why now: Velvet rotation workflows fail silently when the token lacks
secrets:write. Any rotation triggered during the T-4 window would produce a false-success. High-confidence one-shot fix. - Why not later: Rotation is part of the launch security posture; gap should be closed before any live keys are in scope.
- Dispatch surface: Raptor / Velvet CI configuration
5. #2053 — type:reliability: Audit raxx-api-pr- and raxx-app-pr- teardown gaps
- Issue: #2053
- Title: type:reliability — audit raxx-api-pr- and raxx-app-pr- teardown gaps
- Size:
size:xs| Area:area:devops| Age: 2026-05-14 (5 days) - Why now: Orphaned review-app dynos are burning Heroku minutes during peak pre-launch CI activity. The Heroku rate-limit was raised to 9,000/hr; teardown gaps exacerbate the risk of hitting it again.
- Why not later: Pure audit + runbook card — low blast radius, no prod surface. Can run in parallel with any other in-flight PR.
- Dispatch surface: DevOps / CI scripts
6. #1484 — feat(raptor): FreeScout webhook — POST /api/internal/freescout-webhook
- Issue: #1484
- Title: feat(raptor): FreeScout webhook — POST /api/internal/freescout-webhook + freescout_ticket_cache upsert
- Size:
size:s| Area:area:raptor,area:security| Age: 2026-05-09 (10 days, priority:high) - Why now: The FreeScout → Raptor ticket-cache webhook is required for RBAC V2 auto-revoke on ticket close. Without it, a closed support ticket does NOT automatically revoke the associated support-access session. This is a security correctness gap, not a nice-to-have.
- Why not later: Must land before first customer support ticket is created. Pre-launch window is the right time.
- Note: #1483 (POST /api/customer-audit/event) is being watched right now. #1484 is a separate endpoint and should not be blocked unless #1483 reveals a shared schema change. Confirm no dependency before dispatching.
- Dispatch surface: Raptor backend (backend_v2)
7. #2143 — ops(cloudflare): CF Access skip rule for vault.raxx.app/api/v1/auth
- Issue: #2143
- Title: ops(cloudflare): CF Access skip rule for vault.raxx.app/api/v1/auth — unblock Infisical CLI machine identity (#680 root cause)
- Size:
size:s| Area:area:devops,area:security| Age: 2026-05-15 (4 days, priority:high) - Why now: Agents reading vault via CLI machine identity currently hit CF Access on the
/api/v1/authpath. This surfaces as a flaky vault-read error that is hard to reproduce and wastes debugging time during crunch. Root cause of #680. - Why not later: Every vault-reading agent (sre-agent, card-groomer, etc.) runs during the launch window. Unblocking this reduces agent error rate at exactly the moment reliability matters most.
- Dispatch surface: Cloudflare (Terraform or CF dashboard — see card for details)
8. #1495 — docs(ops): Departing employee deprovisioning runbook
- Issue: #1495
- Title: docs(ops): departing employee deprovisioning runbook — Heroku Postgres rotation + audit_archiver SSM credential, 4-hour window
- Size:
size:s| Area:area:devops,area:raptor,area:queue| Age: 2026-05-09 (10 days, priority:medium) - Why now: With v1 launch in 4 days, the probability of needing this runbook before it exists is low — but filing it now costs nothing. It is a pure docs card and can run entirely in a non-blocking slot between larger PRs.
- Why not later: Post-launch is fine, but the window to write it while the architecture is fresh closes once post-launch churn begins. The area:queue label is present but this card is a docs deliverable only, not Queue code.
- Dispatch surface: docs/ directory
Deferred from this wave (do not dispatch yet)
| Issue | Reason deferred |
|---|---|
| #1483 | Main thread already watching associated PR #2503 |
| #146 (Epic) | Epics are not dispatchable units |
| #94 (Epic) | Epics are not dispatchable units |
| #1648, #1647 | defer:post-launch + before-first-EU-customer — not v1 blockers |
| #1212 | defer:post-launch + priority:low |
| #1736 | Has blocked label — SC-WAF-00 operator prerequisite not done |
Recommended Dispatch Sequence
Wave 2 queue (main thread executes sequentially):
[WATCHING NOW] PR for #1483 → merge → then:
1. #2504 (size:s, P1 console bug)
2. #2503 (size:s, P1 console bug — confirm no PR already open)
3. #1603 (size:s, flag YAML stubs)
4. #925 (size:s, rotation token scope)
5. #2053 (size:xs, teardown audit)
6. #1484 (size:s, FreeScout webhook — after #1483 confirms no schema conflict)
7. #2143 (size:s, CF Access vault skip rule)
8. #1495 (size:s, docs runbook — lowest-risk, slot at any gap)
Each card waits for the prior PR to show CI green + merged before dispatch.
Pre-launch Blocker Summary (for operator reference)
Open pre-launch-blocker cards as of 2026-05-19 UTC:
| # | Title | Status |
|---|---|---|
| #2285 | SC-WAF-05b: WAF prod rollout (Phase 4) | blocked — depends on prior WAF phases |
| #2283 | SC-WAF-05: WAF staging block mode soak (Phase 3) | blocked — depends on #2282 |
| #2282 | SC-WAF-04: WAF staging challenge mode (Phase 2) | open, size:s, no block label — dispatchable if WAF-00 operator step done |
| #2013 | feat(console): flag reconciler drift endpoint | blocked |
| #2012 | feat(console): one-shot flag promotions backfill | operator-action |
| #2010 | feat(console): flag_reconciler.py 5-min sync | size:m — too large for this wave |
| #1735 | CF WAF rules not configured — HIGH | needs-grooming + needs:operator-decision |
| #1632 | Stripe Price IDs backfill on founders subs | blocked + area:queue — Queue prod in flight |
| #1455 | CRITICAL: Heroku DB connects as Postgres owner | needs-grooming + size:m |
| #1026 | B6: Verify Sentry DSN wired on prod | size:xs, no block — dispatchable but likely operator verification |
| #1025 | B5: Remove CF Access gate from raxx.app | operator-action |
| #1023 | B3: Verify Alpaca paper-mode env vars on prod | size:xs, likely operator verification |
| #1022 | B2: Wire auth routes to raxx.app | size:xs |
Operator-gated blockers needing Kristerpher action before agents can proceed: #1735 (WAF decision), #2012 (flag backfill), #1025 (CF Access removal), #1023 (Alpaca vars), #2443 (Queue prod Stripe live keys).