sf-agent-framework/sf-core/checklists/build-setup-checklist.md

AI Agent Orchestration Framework for Salesforce Development - Two-phase architecture with 70% context reduction

# Build Setup Checklist

## Purpose

Ensure comprehensive setup of Salesforce CI/CD build infrastructure with all
necessary components configured correctly.

## Pre-Requirements

### Environment Access

- [ ] Salesforce Dev Hub org access confirmed
- [ ] Git repository access granted (read/write permissions)
- [ ] CI/CD platform credentials configured
- [ ] Salesforce CLI installed and authenticated
- [ ] Node.js (v14+) and npm installed

### Documentation Review

- [ ] Salesforce DX Developer Guide reviewed
- [ ] CI/CD platform documentation reviewed
- [ ] Team coding standards documented
- [ ] Git branching strategy defined

## Build Infrastructure Setup

### Version Control Configuration

- [ ] Repository initialized with .gitignore for Salesforce
- [ ] Branch protection rules configured
- [ ] Pull request templates created
- [ ] Commit message conventions established
- [ ] Code owners file configured

### Salesforce DX Project Setup

- [ ] `sfdx-project.json` configured with namespace and package directories
- [ ] Scratch org definition file created (`config/project-scratch-def.json`)
- [ ] Default package directory structure established
- [ ] API version specified and consistent

### CI/CD Pipeline Configuration

#### Authentication Setup

- [ ] Dev Hub SFDX Auth URL stored as secure secret
- [ ] Production org auth URL configured (if needed)
- [ ] Sandbox org auth URLs configured
- [ ] Certificate-based authentication implemented
- [ ] Connected App created with appropriate permissions

#### Build Agent Requirements

- [ ] Salesforce CLI installation scripted
- [ ] Java runtime configured (for Apex PMD)
- [ ] Node.js and npm configured
- [ ] Required npm packages listed in package.json
- [ ] Python installed (if needed for scripts)

## Quality Tools Configuration

### Static Code Analysis

- [ ] PMD ruleset file created (`pmd-ruleset.xml`)
- [ ] ESLint configured for Lightning Web Components
- [ ] Prettier configured for code formatting
- [ ] Custom Apex rules defined
- [ ] Security scanning rules enabled

### Testing Framework

- [ ] Apex test configuration defined
- [ ] Jest configured for LWC tests
- [ ] Code coverage thresholds set (minimum 80%)
- [ ] Test data factory patterns implemented
- [ ] Mock frameworks configured

## Build Pipeline Stages

### Continuous Integration

- [ ] Source validation stage configured
- [ ] Metadata deployment to scratch org
- [ ] Apex tests execution with coverage
- [ ] LWC tests execution
- [ ] Static code analysis execution
- [ ] Security scanning enabled

### Artifact Management

- [ ] Build artifacts storage configured
- [ ] Package version creation automated
- [ ] Release notes generation implemented
- [ ] Artifact retention policies defined
- [ ] Version numbering strategy documented

## Monitoring and Notifications

### Build Notifications

- [ ] Email notifications configured for failures
- [ ] Slack/Teams integration setup (if used)
- [ ] Build status badges configured
- [ ] PR status checks configured
- [ ] Dashboard for build metrics created

### Performance Monitoring

- [ ] Build duration tracking implemented
- [ ] Test execution time monitoring
- [ ] Resource usage alerts configured
- [ ] Concurrent build limits set
- [ ] Queue time monitoring enabled

## Security Configuration

### Secrets Management

- [ ] All credentials stored as encrypted secrets
- [ ] No hardcoded values in scripts
- [ ] Secret rotation schedule defined
- [ ] Access audit logging enabled
- [ ] Principle of least privilege applied

### Compliance

- [ ] SAST (Static Application Security Testing) configured
- [ ] Dependency vulnerability scanning enabled
- [ ] License compliance checking implemented
- [ ] Audit trail for deployments maintained
- [ ] Data privacy controls verified

## Documentation and Training

### Documentation

- [ ] Build setup guide created
- [ ] Troubleshooting guide documented
- [ ] Pipeline architecture diagram created
- [ ] Runbook for common issues prepared
- [ ] FAQ section maintained

### Team Enablement

- [ ] Team training on pipeline usage completed
- [ ] Best practices guide distributed
- [ ] Code review guidelines established
- [ ] Emergency procedures documented
- [ ] Support channel established

## Post-Setup Validation

### Smoke Tests

- [ ] Sample build executed successfully
- [ ] All quality gates functioning
- [ ] Notifications working correctly
- [ ] Artifacts generated and stored
- [ ] Metrics being collected

### Performance Baseline

- [ ] Average build time documented
- [ ] Resource usage baseline established
- [ ] Concurrent build capacity tested
- [ ] Failure recovery tested
- [ ] Rollback procedures verified

## Sign-off

### Technical Sign-off

- [ ] DevOps lead approval
- [ ] Security team review completed
- [ ] Architecture review passed
- [ ] Performance requirements met

### Business Sign-off

- [ ] Project manager approval
- [ ] Compliance requirements verified
- [ ] Budget constraints met
- [ ] Go-live criteria satisfied

## Notes

- Record any deviations from standard setup
- Document any custom configurations
- Note any pending items for future phases
- Include links to relevant documentation