Documentation

Source-of-truth docs, references, plans, and product material across Harbor surfaces.

Docs / Commercial And Brand
Commercial And Brand

Go Live Plan

This document is the practical launch checklist for Harbor.

commercial and brandliveplan
Source: GO_LIVE_PLAN.md

GO_LIVE_PLAN.md

Purpose

This document is the practical launch checklist for Harbor.

Use it to answer:

  • what stage Harbor is in now
  • what must be true before design-partner beta
  • what must be true before public v1
  • what is intentionally allowed to remain manual at launch
  • what is explicitly post-launch work

This file should stay more concrete than the roadmap.

Use docs/BREAKWATERHARBOR_NET_DEPLOYMENT.md for the concrete first deployment target and domain layout.

Current state

As of the current repo state, Harbor is best described as:

  • strong local-first alpha
  • design-partner beta candidate
  • not yet ready for broad public production launch

Why it is strong

  • Harbor Node is real and useful
  • Harbor UI is modular and coherent
  • Harbor Hub, website, docs, cloud member basics, and cloud admin are real
  • central management, multi-node foundations, and response pipelines are already in the product
  • the product has meaningful automated coverage in its highest-risk areas

Why it is not yet public-launch ready

  • browser-facing auth/session posture still needs improvement
  • CI and regression coverage are not deep enough for broad public change velocity
  • deployment, backup, restore, and rollback discipline need to be formalized
  • operator onboarding, policy visibility, and troubleshooting still need a final pass
  • at least one OAuth-backed integration needs to be clearly production-grade
  • the public website still needs its under-construction landing page and gated-preview shape

Launch philosophy

Harbor should go live in stages:

  1. internal alpha
  2. design-partner beta
  3. public v1
  4. post-launch expansion

This is the right shape for a local-first product. It keeps the trust model intact while allowing support, docs, and operations to mature alongside real usage.

Current prelaunch target

The current real deployment target is:

  • domain: breakwaterharbor.net
  • VPS: 162.222.206.87
  • public reverse proxy: Caddy
  • source host: internal Gitea over Tailscale / MagicDNS

The current recommended topology is:

  • main site at breakwaterharbor.net
  • docs at docs.breakwaterharbor.net
  • Harbor Hub at hub.breakwaterharbor.net
  • cloud API at api.breakwaterharbor.net
  • Harbor Admin at admin.breakwaterharbor.net, Tailscale-only

Harbor Node remains local-first and should not be treated as a public VPS-hosted default runtime.

Stage 1: Internal alpha

Goal

Keep building and hardening with the repo as the primary source of truth.

Success signals

  • core local workflows build and run reliably
  • major surfaces are real and navigable
  • the most important security regressions are covered by tests
  • design and architecture are stable enough that docs can track reality

Already true now

  • yes for Harbor Node, Harbor UI, Harbor Hub, website, docs, cloud API, and cloud admin

Stage 2: Design-partner beta

Goal

Support a small set of real users with close human involvement and fast feedback loops.

Must be true before entering this stage

Security and auth

  • cloud/admin browser sessions are moved to a stronger production-grade pattern
  • Harbor Node production environment requirements are documented clearly
  • secret-at-rest expectations are documented and enforced

CI and quality

  • CI runs on the pinned Node toolchain
  • CI runs package tests in addition to typecheck/build
  • at least the highest-risk API surfaces have automated regression coverage

Product and UX

  • Harbor UI onboarding is good enough for a new operator to get through install and first action publish
  • Harbor Guard policy/approval behavior is visible enough to avoid confusion
  • Harbor Hub import/update state is understandable
  • docs cover install, upgrade, and troubleshooting for the supported environments
  • the website matches the intended landing-page plus gated-preview deployment model

Ops and support

  • there is a documented install flow
  • there is a documented upgrade flow
  • there is a documented backup and restore flow
  • internal support knows how to troubleshoot account, enrollment, and contact flows

What may still be manual in this stage

  • premium provisioning
  • license operations
  • design-partner onboarding
  • some support escalations
  • billing and subscription operations

Exit criteria

  • a small set of real users can run Harbor without unsafe shortcuts
  • Breakwater can support those users without relying on raw database edits or secret exposure

Stage 3: Public v1

Goal

Launch Harbor publicly with a narrow, honest, supportable promise.

Must be true before public v1

Security and auth

  • cloud/admin auth uses a production-appropriate browser session model
  • CSP, framing, referrer, and TLS guidance are documented and implemented where applicable
  • the known high-severity audit findings are fixed or explicitly accepted with written rationale

Product quality

  • Community install path is stable and understandable
  • premium story is additive and clear
  • at least one OAuth-backed integration is fully supportable
  • manager and multi-node features are either clearly supported or clearly labeled as not public-v1-ready

Documentation

  • website copy matches the actual shipped product
  • docs include install, upgrade, restore, troubleshooting, and security guidance
  • plan and premium messaging are accurate and not aspirational

Release engineering

  • CI runs tests plus typecheck/build
  • container builds are repeatable
  • release notes and upgrade notes can be generated consistently
  • rollback steps are documented and tested

Operations

- Harbor Node SQLite - Hub SQLite - Cloud Postgres

  • monitoring and health expectations are documented
  • backup and restore have been exercised for:
  • contact/support flow works end to end
  • admin tooling is sufficient for the first public users

What can still be manual at public v1

  • premium provisioning and licensing operations
  • some support escalations
  • some recovery operations if they are documented and safe
  • limited white-glove onboarding for early paid users

What should not still be manual at public v1

  • basic install steps
  • basic upgrade steps
  • basic backup/restore process
  • critical auth/session handling
  • core Community product usage

Exit criteria

  • Harbor can be presented publicly without hiding material operational gaps
  • a user can install, run, and understand the Community product
  • Breakwater can support the first public users reliably

Stage 4: Post-launch expansion

Goal

Deepen premium and commercial operations only after the public product is stable.

Good post-launch targets

  • stronger Pro/Business multi-node and manager ergonomics
  • better premium notifications and summaries
  • deeper response pipeline and automation tooling
  • team and organization depth
  • self-serve billing and subscription management
  • broader integration set

Explicitly post-launch

  • large connector expansion
  • marketplace economics
  • broad enterprise RBAC
  • full Fleet orchestration as the default Harbor mode

Go-live workstreams

1. Security and auth

Must ship:

  • stronger cloud/admin browser session model
  • documented production secrets and env requirements
  • deployment header and TLS guidance
  • final review of remaining high-severity issues

2. Product polish

Must ship:

  • Harbor UI onboarding
  • policy visibility and approval clarity
  • Harbor Hub import/update clarity
  • auth-readiness and troubleshooting cues
  • public landing page plus gated-preview website behavior

3. Release engineering

Must ship:

  • CI on pinned Node version
  • test execution in CI
  • repeatable container builds
  • release and rollback notes

4. Ops and recovery

Must ship:

  • health and monitoring expectations
  • backup and restore procedures
  • upgrade procedures
  • disaster-recovery basics for the supported deployment model

5. Documentation and support

Must ship:

  • docs aligned with real product behavior
  • install/get-started path that does not require source reading
  • support/admin workflows documented for the first customers

6. Commercial readiness

Must ship:

  • clear Community versus premium packaging
  • manual premium operations that are documented and supportable
  • honest go-to-market promise about what Harbor does today

Suggested sequence from here

  1. finish production auth/session hardening
  2. upgrade CI and expand regression coverage
  3. finish deployment, backup, restore, and rollback documentation
  4. finish Harbor UI onboarding, policy visibility, and Harbor Hub clarity
  5. finish Gmail as the flagship OAuth-backed integration
  6. run design-partner beta
  7. fix beta feedback and close launch blockers
  8. publish public v1

Launch decision checklist

Before saying "go live," confirm all of these are true:

  • security posture is acceptable for production use
  • docs match reality
  • CI and tests are strong enough for the current change rate
  • backups and restores have been exercised
  • install and upgrade path are stable
  • first public support workflow is ready
  • Community path stands on its own
  • premium path is additive, not required for trust

If any of those are still weak, Harbor should remain in design-partner beta rather than forcing a public launch.