# DEPLOY — Stratos Tech Test Portal → Cloudflare Pages End-to-end deploy guide: GitHub repo → Cloudflare Pages → custom domain `exams.stratostech.ai` → Cloudflare Access lock. --- ## 1. GitHub Repo — LOCKED **Repo URL:** https://github.com/pipperonisamurai67/stratostech-test-portal.git **Owner:** pipperonisamurai67 (Michael A. Howard) **Visibility:** Private ### First-time push from local ```bash cd C:\Users\micha\Desktop\stratostech-test-portal git init -b main git add . git status # Confirm no PDFs / source manuals tracked git commit -m "feat: initial portal scaffold (HIC live, CIC/S3/S30/RE starters + source materials hub)" git remote add origin https://github.com/pipperonisamurai67/stratostech-test-portal.git git push -u origin main ``` ### Authentication on first push GitHub no longer accepts password auth on HTTPS. Two options: **Option A — Personal Access Token (fastest):** 1. github.com/settings/tokens → Generate new token (classic) 2. Scope: `repo` (full control of private repos) 3. Set expiration to 90 days or longer 4. Copy the token 5. When `git push` prompts for username, enter `pipperonisamurai67` 6. When it prompts for password, paste the token **Option B — GitHub CLI (cleaner long-term):** ```bash winget install --id GitHub.cli gh auth login # follow prompts; pick HTTPS + browser auth git push -u origin main # gh CLI handles auth automatically ``` **Privacy posture:** Repo IS PRIVATE. Even though `.gitignore` blocks copyrighted PDFs, the exam content is your IP — keep it private. --- ## 2. Cloudflare Pages — Connect Repo 1. Open https://dash.cloudflare.com/ → Workers & Pages → Create application → Pages → **Connect to Git** 2. Authorize GitHub → select `stratostech-test-portal` → Begin setup 3. **Project name:** `stratostech-test-portal` 4. **Production branch:** `main` 5. **Build settings:** - Framework preset: **None** - Build command: *(leave empty — pure static)* - Build output directory: `/` (or leave default) 6. **Save and Deploy** First deploy lands at `stratostech-test-portal.pages.dev` in ~30 seconds. --- ## 3. Custom Domain — `exams.stratostech.ai` In the Cloudflare Pages project: 1. Pages project → **Custom domains** → **Set up a custom domain** 2. Enter: `exams.stratostech.ai` 3. Cloudflare auto-creates the CNAME record (since `stratostech.ai` is already on Cloudflare DNS) 4. Wait ~1-2 minutes for SSL provisioning. Done. --- ## 4. Cloudflare Access — Lock the Portal This is what makes `Auth.checkCloudflareAccess()` work. Without it, the portal falls back to the local password. 1. Cloudflare Dashboard → **Zero Trust** → Access → **Applications** → Add an application → **Self-hosted** 2. **Application name:** Stratos Tech — Test Portal 3. **Session duration:** 24 hours (or your preference) 4. **Application domain:** `exams.stratostech.ai` (whole site) 5. **Identity providers:** Google (or whatever your SSO is) 6. **Policies:** - Policy name: `Michael Only` - Action: **Allow** - Include: **Emails** → `michaelhoward.mah@gmail.com` 7. Save. Now visiting `exams.stratostech.ai` in a fresh browser → Cloudflare Access redirects to Google login → only your email gets through → portal loads with your real identity (no password gate needed). --- ## 5. Auto-Deploy Workflow After the initial setup, the loop is: ```bash # Edit a file (e.g., add Series 3 v2 exam) git add exams/series3/v2.html git commit -m "feat(series3): add v2 harder version (20 questions)" git push # Cloudflare Pages auto-builds + deploys in ~30s # Live at exams.stratostech.ai/exams/series3/v2.html ``` --- ## 6. Optional — Cloudflare KV for Cross-Device Sync (Phase 4) If you want test results synced between desktop / phone / iPad later: 1. Create a KV namespace: `stratos_portal_results` 2. Bind it to the Pages project 3. Build a tiny Pages Function at `functions/api/results.js` that reads/writes KV 4. Update `js/results-parser.js` to fetch from `/api/results` instead of static `_index.json` Not needed for Phase 1. Local file system + auto-save covers single-device use. --- ## 7. Verification Checklist (post-deploy) - [ ] `https://exams.stratostech.ai` redirects to Cloudflare Access login - [ ] After SSO login, portal loads with greeting "Michael" (or your email name) - [ ] Dashboard shows all HIC results from `results/hic/_index.json` - [ ] Each exam category card opens a working test - [ ] Source materials page loads - [ ] 404 page renders custom Stratos Tech branding - [ ] HTTPS only — no mixed content warnings --- ## 8. Rollback If a deploy breaks production: ```bash # Cloudflare Pages dashboard → Deployments → find last good deploy → "Rollback to this deployment" # Or in git: git revert HEAD git push ``` Cloudflare Pages keeps every prior deploy live at a unique URL — instant rollback, zero downtime.