From linear-pack
Production readiness checklist for Linear integrations. Use when preparing to deploy, reviewing production requirements, or auditing existing Linear deployments. Trigger: "linear production checklist", "deploy linear", "linear production ready", "linear go live", "linear launch".
npx claudepluginhub flight505/skill-forge --plugin linear-packThis skill is limited to using the following tools:
Comprehensive checklist and implementation patterns for deploying Linear integrations to production. Covers authentication, error handling, rate limiting, monitoring, data handling, and deployment verification.
Guides Next.js Cache Components and Partial Prerendering (PPR): 'use cache' directives, cacheLife(), cacheTag(), revalidateTag() for caching, invalidation, static/dynamic optimization. Auto-activates on cacheComponents: true.
Guides building MCP servers enabling LLMs to interact with external services via tools. Covers best practices, TypeScript/Node (MCP SDK), Python (FastMCP).
Share bugs, ideas, or general feedback.
Comprehensive checklist and implementation patterns for deploying Linear integrations to production. Covers authentication, error handling, rate limiting, monitoring, data handling, and deployment verification.
.env files in production)[ ] Production API key generated (separate from dev)
[ ] API key stored in secret manager (Vault, AWS SM, GCP SM)
[ ] OAuth redirect URIs updated for production domain
[ ] Webhook secrets are unique per environment
[ ] All dev secrets rotated before launch
[ ] HTTPS enforced on all endpoints
[ ] Webhook HMAC-SHA256 verification implemented
[ ] Webhook timestamp validation (< 60s age)
[ ] Token refresh flow implemented (mandatory since Oct 2025)
[ ] All Linear API calls wrapped in try/catch
[ ] Rate limit retry with exponential backoff (max 5 retries)
[ ] 30s timeout on all API calls
[ ] Graceful degradation when Linear API is down
[ ] Error logging includes context (no secrets in logs)
[ ] InvalidInputLinearError caught separately from network errors
[ ] Alerts configured for auth failures and error rate spikes
[ ] Pagination with first:50 for all list queries
[ ] Caching for static data (teams, states, labels) — 10-30 min TTL
[ ] Request batching for bulk operations (20 mutations per batch)
[ ] Query complexity stays under 5,000 pts per request
[ ] No polling — webhooks for real-time updates
[ ] N+1 query patterns eliminated (use rawRequest for joins)
[ ] Response times monitored with p95 alerting
[ ] Health check endpoint hitting Linear API
[ ] API latency metrics collected per operation
[ ] Error rate monitoring with alerting (>1% = alert)
[ ] Rate limit remaining tracked (alert if < 100 requests)
[ ] Structured JSON logging for API calls and webhooks
[ ] Webhook delivery tracking via Linear-Delivery header
[ ] No PII logged or stored unnecessarily
[ ] Webhook event idempotency (deduplicate by Linear-Delivery)
[ ] Data retention policy defined for synced data
[ ] Stale data detection with periodic consistency checks
import { LinearClient } from "@linear/sdk";
interface ProdConfig {
linear: { apiKey: string; webhookSecret: string };
rateLimit: { maxRetries: number; baseDelayMs: number; maxDelayMs: number };
cache: { teamsTtl: number; statesTtl: number; labelsTtl: number };
timeouts: { requestMs: number; webhookProcessMs: number };
}
const config: ProdConfig = {
linear: {
apiKey: await getSecret("linear-api-key-prod"),
webhookSecret: await getSecret("linear-webhook-secret-prod"),
},
rateLimit: { maxRetries: 5, baseDelayMs: 1000, maxDelayMs: 30000 },
cache: { teamsTtl: 600, statesTtl: 1800, labelsTtl: 600 },
timeouts: { requestMs: 30000, webhookProcessMs: 5000 },
};
function createProductionClient(): LinearClient {
return new LinearClient({ apiKey: config.linear.apiKey });
}
interface HealthStatus {
status: "healthy" | "degraded" | "unhealthy";
latencyMs: number;
details: {
authentication: boolean;
apiReachable: boolean;
rateLimitOk: boolean;
};
timestamp: string;
}
async function checkHealth(client: LinearClient): Promise<HealthStatus> {
const start = Date.now();
const details = { authentication: false, apiReachable: false, rateLimitOk: true };
try {
const viewer = await client.viewer;
details.authentication = true;
details.apiReachable = true;
const latencyMs = Date.now() - start;
return {
status: latencyMs > 3000 ? "degraded" : "healthy",
latencyMs,
details,
timestamp: new Date().toISOString(),
};
} catch (error: any) {
details.apiReachable = !error.message?.includes("ENOTFOUND");
return {
status: "unhealthy",
latencyMs: Date.now() - start,
details,
timestamp: new Date().toISOString(),
};
}
}
// Express endpoint
app.get("/health/linear", async (req, res) => {
const health = await checkHealth(client);
res.status(health.status === "unhealthy" ? 503 : 200).json(health);
});
// scripts/verify-deployment.ts
import { LinearClient } from "@linear/sdk";
async function verify(): Promise<void> {
console.log("Verifying Linear integration...\n");
const checks = [
{
name: "Environment variables",
check: async () => !!(process.env.LINEAR_API_KEY && process.env.LINEAR_WEBHOOK_SECRET),
},
{
name: "API authentication",
check: async () => { await new LinearClient({ apiKey: process.env.LINEAR_API_KEY! }).viewer; return true; },
},
{
name: "Team access",
check: async () => {
const client = new LinearClient({ apiKey: process.env.LINEAR_API_KEY! });
const teams = await client.teams();
return teams.nodes.length > 0;
},
},
{
name: "Write capability",
check: async () => {
const client = new LinearClient({ apiKey: process.env.LINEAR_API_KEY! });
const teams = await client.teams();
const r = await client.createIssue({
teamId: teams.nodes[0].id,
title: "[DEPLOY-CHECK] Safe to delete",
});
if (r.success) {
const issue = await r.issue;
await issue?.delete();
}
return r.success;
},
},
];
let passed = 0;
let failed = 0;
for (const { name, check } of checks) {
try {
const ok = await check();
console.log(ok ? ` PASS: ${name}` : ` FAIL: ${name}`);
ok ? passed++ : failed++;
} catch (error: any) {
console.log(` FAIL: ${name} — ${error.message}`);
failed++;
}
}
console.log(`\nResults: ${passed} passed, ${failed} failed`);
if (failed > 0) process.exit(1);
}
verify();
// Key metrics to track after deploy
const ALERT_THRESHOLDS = {
errorRate: 0.01, // Alert if >1% of requests fail
p99LatencyMs: 3000, // Alert if p99 > 3 seconds
rateLimitRemaining: 100, // Alert if remaining requests < 100
};
// First 30 minutes after deploy: watch for
// - Auth failures (key mismatch between environments)
// - Rate limit spikes (init burst fetching too much data)
// - Webhook signature failures (secret not updated in new env)
| Issue | Cause | Solution |
|---|---|---|
Health check unhealthy | API key invalid/expired | Regenerate key, update secret manager |
| Webhook sig fails in prod | Secret mismatch | Verify LINEAR_WEBHOOK_SECRET matches Linear webhook config |
| Rate limit burst on deploy | Startup fetches too much | Add request queue, cache static data |
| Deploy verification fails | Missing env vars | Run verification locally first |