Production Checklist
Before running Anvil in production, verify the application edge, generated artifacts, and driver configuration.
Generation
Section titled “Generation”- Generated files are committed or generated in CI
anvil generateis deterministic- Route manifest diffs are reviewed
- OpenAPI output is validated if published
Runtime
Section titled “Runtime”- The app is built, wired, and run as one process lifecycle
- The Anvil edge listener has explicit timeouts through
WithListenerwhen defaults are not enough - Maximum body sizes are configured in the selected HTTP or GraphQL driver
- TLS is handled by
app.ListenTLS, a reverse proxy, or the platform edge - Graceful shutdown is wired through context cancellation
- Global error observers are installed
Create a new *anvil.App for each process run. Generated wiring is one-shot,
driver registration closes when runtime finalization starts, and drivers may
keep shutdown state that is not restartable.
Security
Section titled “Security”- Auth policies are explicit on protected routes
- Validation is declarative where possible
- Custom Starlark rules enforce company standards
ctx.Native()usage is documented because it reduces portability
Run:
go test ./...go vet ./...anvil generate .Add driver-specific integration tests where brokers or transports require real infrastructure.