RavDevOps live edge recovery

A Firebase Hosting and Cloud Run recovery proof for same-domain API health, SAML redirects, and static app delivery.

ravdevops.tech now uses Firebase Hosting as the live edge while `/api/*` and `/health` reach `portal-api` through Cloud Run rewrites.

Buyer problem

A public site loses trust when health routes return an HTML shell instead of real API responses.

Deliverables

  • Firebase Hosting run rewrites
  • Cloud Run portal API deploy
  • JSON health verification
  • SAML metadata and redirect checks

Evidence

  • `/api/health` returns API JSON.
  • `/health` returns API JSON.
  • SAML metadata returns 200 and SAML start redirects to the IdP.
  • Freeze verification asserts only `portal-api` is deployed in us-central1.

Process

  • Made Firebase Hosting the canonical live edge.
  • Deployed only `portal-api` with public invocation for Hosting rewrites.
  • Kept portal, ops, and gateway surfaces stable.

Readiness

  • Same-domain `/api` path
  • Cloud Run max instances capped
  • No new public domains
  • No site proxy deployment

Handoff

The recovery is now covered by `task health`, `npm run firebase:freeze:verify`, and live smoke checks.

This crawlable HTML route is provided for non-JavaScript clients and compliance scanning. The interactive portal and application UI remain available with JavaScript enabled.

Book pilot