Operator console

Last updated 5/13/2026

Currently Healthcare Data Platform — Operator Console

Document ID: OPS-001
Classification: Internal — Restricted
Version: 1.0
Scope: Full operational surface for platform engineering, SRE, and support teams

Admin Dashboard
Internal Tooling Inventory
Operational Workflows
Monitoring and Alerting
Support Workflows
Environment Management
Secret Management
Health Checks and Status

1. Admin Dashboard

1.1 Platform Admin Shell

The platform administrator interface is rendered under the /admin route group, served by the Next.js application on Vercel. The shell component is defined in web/src/app/(app)/(platform)/admin/_components/platform-admin-shell.tsx and provides the navigation frame for all platform-scoped administrative views. Access requires a Clerk session with the platform_admin role.

1.2 Admin Route Inventory

All admin routes are prefixed under /admin (UI) and /api/admin or /api/v1/admin (API). Routes without a v1 prefix are considered legacy and will be migrated.

UI Routes

Route	File	Purpose
`/admin/analytics`	`admin/analytics/page.tsx`	Platform-wide analytics overview
`/admin/api-docs`	`admin/api-docs/page.tsx`	Internal API documentation browser with code generators
`/admin/ats/analytics`	`admin/ats/analytics/page.tsx`	ATS funnel analytics
`/admin/ats/applicants/:id`	`admin/ats/applicants/[id]/page.tsx`	Individual applicant record

API Routes — Legacy Prefix (`/api/admin/`)

Route	File	Purpose
`POST /api/admin/facility-orgs/create`	`api/admin/facility-orgs/create/route.ts`	Create a new facility-organization linkage
`POST /api/admin/invitations/facility-user`	`api/admin/invitations/facility-user/route.ts`	Send invitation to a facility user
`POST /api/admin/invitations/patient`	`api/admin/invitations/patient/route.ts`	Send patient portal invitation
`POST /api/admin/org-links/approve`	`api/admin/org-links/approve/route.ts`	Approve a pending HIE-to-facility org link
`GET/POST /api/admin/pricing/tiers`	`api/admin/pricing/tiers/route.ts`	Read and configure subscription pricing tiers
`GET/PATCH /api/admin/registrations/facility/:id`	`api/admin/registrations/facility/[id]/route.ts`	Read or update a specific facility registration
`POST /api/admin/registrations/facility/hie-initiate`	`api/admin/registrations/facility/hie-initiate/route.ts`	HIE-initiated facility onboarding
`GET/POST /api/admin/registrations/facility`	`api/admin/registrations/facility/route.ts`	List or create facility registrations
`GET/PATCH /api/admin/registrations/hie/:id`	`api/admin/registrations/hie/[id]/route.ts`	Read or update a specific HIE registration
`GET/POST /api/admin/registrations/hie`	`api/admin/registrations/hie/route.ts`	List or create HIE registrations
`GET /api/admin/revenue/stats`	`api/admin/revenue/stats/route.ts`	Revenue and subscription metrics

API Routes — Versioned Prefix (`/api/v1/admin/`)

Route	File	Purpose
`GET /api/v1/admin/analytics/by-org`	`api/v1/admin/analytics/by-org/route.ts`	Per-organization analytics breakdown
`GET /api/v1/admin/api-keys/metrics/platform`	`api/v1/admin/api-keys/metrics/platform/route.ts`	Aggregate API key usage metrics across the platform
`GET/POST/DELETE /api/v1/admin/api-keys`	`api/v1/admin/api-keys/route.ts`	API key CRUD for platform-level keys
`POST /api/v1/admin/approve-provider`	`api/v1/admin/approve-provider/route.ts`	Approve a provider organization for data access
`GET /api/v1/admin/audit/phi-access`	`api/v1/admin/audit/phi-access/route.ts`	HIPAA audit log — PHI access events

1.3 HIE Network Dashboard

HIE operators access a separate scoped interface under /dashboard/network. This shell is defined in web/src/app/(app)/(hie)/dashboard/network/layout.tsx and is gated to users with the HIE role in Clerk.

Route	Purpose
`/dashboard/network`	HIE overview: connected facilities, record volume
`/dashboard/network/analytics`	Ingestion throughput, conversion rates, vocabulary hit rates
`/dashboard/network/approvals`	Pending facility join requests requiring HIE approval
`/dashboard/network/jobs`	Pipeline job queue: status, failures, retries
`/dashboard/network/patients`	De-identified patient roster by MRN hash
`/dashboard/network/patients/:mrnHash`	Individual patient record summary
`/dashboard/network/providers/:id`	Provider profile within the HIE network
`/dashboard/network/records`	Medical records registry: file type, status, upload date
`/dashboard/network/export`	Bulk export configuration (FHIR / OMOP)
`/dashboard/network/upload`	Manual file upload (HL7 v2, CDA/CCDA, FHIR)
`/dashboard/network/users`	User roster for the HIE organization
`/dashboard/network/settings`	HIE organization settings
`/dashboard/network/settings/api-keys`	HIE API key management
`/dashboard/network/settings/integrations/google-workspace`	Google Workspace SSO integration
`/dashboard/network/settings/modules`	Module enable/disable toggles

1.4 Developer-Only Routes

Route	File	Purpose	Environment
`GET /api/dev/email-preview`	`api/dev/email-preview/route.ts`	Render transactional email templates in browser	Non-production only

This route must not be accessible in production. Verify that environment checks gate this handler before any production deployment.

2. Internal Tooling Inventory

2.1 Currently CLI (`cli/`)

The currently CLI is a TypeScript command-line tool built with tsx, compiled via tsup, and distributed from cli/dist/bin/currently.js. The entry point is cli/bin/currently.ts. It communicates with the platform API via cli/src/client.ts using API keys stored locally by cli/src/auth/store.ts.

Authentication

File	Responsibility
`cli/src/auth/resolve.ts`	Resolves active API key from local store or environment
`cli/src/auth/store.ts`	Reads/writes credentials from local config file
`cli/src/commands/auth.ts`	`currently login` / `currently logout` commands

Command Surface

Command Module	File	Operations
`auth`	`cli/src/commands/auth.ts`	Login, logout, whoami
`config`	`cli/src/commands/config.ts`	Get/set CLI configuration values
`keys`	`cli/src/commands/keys.ts`	List, create, revoke API keys
`orgs`	`cli/src/commands/orgs.ts`	List and switch between organizations
`pipeline`	`cli/src/commands/pipeline.ts`	Submit jobs, poll status, inspect failures
`records`	`cli/src/commands/records.ts`	List, download, inspect medical records
`patient`	`cli/src/commands/patient.ts`	Look up patient records by MRN hash
`analytics`	`cli/src/commands/analytics.ts`	Query pipeline throughput and quality metrics
`billing`	`cli/src/commands/billing.ts`	View subscription status, usage
`storage`	`cli/src/commands/storage.ts`	GCS file operations
`webhooks`	`cli/src/commands/webhooks.ts`	Register and test webhook endpoints
`allergies`	`cli/src/commands/allergies.ts`	Query FHIR AllergyIntolerance resources
`diagnoses`	`cli/src/commands/diagnoses.ts`	Query FHIR Condition resources
`encounters`	`cli/src/commands/encounters.ts`	Query FHIR Encounter resources
`medications`	`cli/src/commands/medications.ts`	Query FHIR MedicationRequest resources
`quality`	`cli/src/commands/quality.ts`	Run quality checks against pipeline output

CLI Configuration

Default values are defined in cli/src/config/defaults.ts. Named profiles (e.g., production, staging) are managed in cli/src/config/profiles.ts, enabling operators to switch target environments without modifying credentials.

2.2 GitHub Actions Workflows

All CI/CD automation lives under .github/workflows/.

Workflow	File	Trigger	Purpose
`code-quality`	`code-quality.yml`	Push, PR	Linting, type-checking, pre-commit hooks
`pipeline-deploy`	`pipeline-deploy.yml`	Push to main, `workflow_dispatch`	Deploy FastAPI pipeline service to GKE
`pipeline-worker-deploy`	`pipeline-worker-deploy.yml`	Push to main, `workflow_dispatch`	Deploy Celery workers to GKE
`pipeline-test`	`pipeline-test.yml`	Push, PR	Python test suite (unit + integration)
`smoke-test`	`smoke-test.yml`	Post-deploy	Hit `/health` and key pipeline endpoints after deployment
`sync-docs`	`sync-docs.yml`	Push to main	Sync documentation to external destination
`terraform-plan`	`terraform-plan.yml`	PR to infra branch	Run `terraform plan` and post diff as PR comment

workflow_dispatch triggers are available on pipeline-deploy and pipeline-worker-deploy, allowing manual deployment from the GitHub Actions UI without a code push.

2.3 Docker Images

Image	Dockerfile	Runtime	Purpose
API server	`Dockerfile`	`uvicorn src.api.main:app --workers 2`	FastAPI REST API
NLP processor	`Dockerfile.nlp`	(NLP-specific entrypoint)	Clinical NLP enrichment
Pipeline	`Dockerfile.pipeline`	(pipeline entrypoint)	HL7/CCDA parse → FHIR → OMOP
Worker	`Dockerfile.worker`	Celery worker	Async task processing via Redis broker

All images run as non-root user appuser. The base image is python:3.11-slim. System dependencies installed at build time: gcc, postgresql-client, curl.

2.4 Configuration Files

File	Purpose
`config/env.remote-example`	Template for remote environment variable configuration
`config/fly.toml`	Fly.io deployment configuration (legacy/alternate deployment target)
`config/deid/default_rules.csv`	De-identification rules applied during PHI scrubbing
`config/fhir_mappings/message_type_registry.json`	HL7 message type to FHIR resource mapping
`config/fhir_mappings/vocabulary_maps.json`	Vocabulary crosswalk configuration
`config/crosswalk/hl7_table_contexts.json`	HL7 table context resolution
`config/hl7_profiles/*.json`	Per-message-type conformance profiles (ADT, ORU, MDM, ORM, etc.)
`.gitleaks.toml`	Secret scanning rules for GitLeaks
`.pre-commit-config.yaml`	Pre-commit hook definitions

2.5 Procfile

A Procfile is present at the repository root, indicating Railway or Heroku-compatible process definitions as a secondary deployment target alongside GKE.

3. Operational Workflows

3.1 Deploy — Pipeline Service

Trigger: Push to main or manual workflow_dispatch on pipeline-deploy.yml.

Steps:

GitHub Actions builds the Docker image from Dockerfile.pipeline.
Image is pushed to the GCP Container Registry.
GKE deployment is updated via kubectl set image or equivalent Helm rollout.
smoke-test.yml fires automatically post-deploy, hitting /health on the newly deployed pods.
If smoke tests fail, the pipeline is halted and the team is notified.

Manual trigger:

GitHub → Actions → pipeline-deploy → Run workflow → Select branch

3.2 Deploy — Celery Workers

Trigger: Push to main or manual workflow_dispatch on pipeline-worker-deploy.yml.

Workers are deployed independently from the API service. This allows scaling worker replicas without touching the API surface. The Celery broker is Redis; ensure Redis connectivity is confirmed before scaling workers.

3.3 Deploy — Web Application

The Next.js web application deploys automatically to Vercel on push to main. No manual workflow is required. Environment variables are configured in the Vercel project dashboard.

3.4 Rollback

Pipeline/Worker rollback (GKE):

kubectl rollout undo deployment/currently-pipeline
kubectl rollout undo deployment/currently-worker

Confirm rollback status:

kubectl rollout status deployment/currently-pipeline

Web rollback (Vercel): Navigate to the Vercel dashboard → Deployments → select the previous successful deployment → Promote to Production.

3.5 Feature Flags

Feature flags are managed via the settings JSONB column on the organizations table in the Platform Cloud SQL database. Module-level toggles for HIE organizations are surfaced in the UI at /dashboard/network/settings/modules.

To enable or disable a module for a specific organization directly in the database:

UPDATE organizations
SET settings = jsonb_set(settings, '{modules,omop_export}', 'true')
WHERE slug = '<org-slug>';

The conformance_toggle feature is tested end-to-end in tests/e2e/test_conformance_toggle.py, confirming runtime behavior responds correctly to flag state.

3.6 User Management

User lifecycle is owned by Clerk. The platform database (users table on orchestrator 192.168.0.251) mirrors Clerk user state via the webhook handler at POST /api/auth/sync-user.

Administrative user operations:

Operation	Mechanism
Invite facility user	`POST /api/admin/invitations/facility-user`
Invite patient	`POST /api/admin/invitations/patient`
Approve provider org	`POST /api/v1/admin/approve-provider`
Approve HIE-facility link	`POST /api/admin/org-links/approve`
List pending registrations	`GET /api/admin/registrations/hie` or `/facility`
Deactivate user	Set `is_active = false` in `users` table; revoke Clerk session via Clerk dashboard

Invitations use tokenized links; the token resolution handler is at GET /api/invitations/:token.

3.7 API Key Management

Platform-level API keys are managed via /api/v1/admin/api-keys. HIE-scoped keys are managed by HIE administrators at /dashboard/network/settings/api-keys, backed by the hie-api-keys-page-client.tsx component. Patient-scoped API access is configurable at /portal/settings/api-access.

Aggregate API key usage metrics are available at GET /api/v1/admin/api-keys/metrics/platform.

3.8 NPI Verification

Provider NPI numbers are verified in real-time via GET /api/npi/verify, which calls the NPPES NPI Registry. This is invoked during facility onboarding.

4. Monitoring and Alerting

4.1 What Is Observed

Signal	Source	Notes
API liveness	`GET /api/health` (FastAPI)	Docker `HEALTHCHECK` runs every 30s
Web liveness	`GET /api/web/health`	Next.js health route
Pipeline job status	`file_registry.status` column	Values: `pending`, `transferred`, `processing`, `completed`, `failed`
Dead letter queue routing	Celery DLQ	Tested in `tests/e2e/test_dlq_routing.py`
PHI access events	Audit log via `GET /api/v1/admin/audit/phi-access`	HIPAA compliance trail
Pipeline throughput	`/dashboard/network/analytics` + `GET /api/v1/admin/analytics/by-org`	Records/hour, vocabulary hit rate
Performance benchmarks	`tests/e2e/test_performance.py`	Baseline regressions caught in CI

4.2 Docker Health Check

The FastAPI container health check is defined in Dockerfile:

HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
    CMD curl -f http://localhost:8000/health || exit 1

A container that fails 3 consecutive checks is marked unhealthy by the container runtime. GKE will restart unhealthy pods automatically.

4.3 End-to-End Monitoring Tests

The test file tests/e2e/test_monitoring.py validates that monitoring instrumentation is functioning. These tests run in the pipeline-test workflow and should pass before any production deployment is promoted.

4.4 Smoke Tests

Post-deploy smoke tests are defined in .github/workflows/smoke-test.yml. They run automatically after pipeline-deploy and pipeline-worker-deploy complete. A smoke test failure must block promotion and trigger immediate investigation.

4.5 Alerting and Escalation

The repository does not contain a dedicated alerting configuration file (e.g., PagerDuty, Alertmanager). The following escalation path is inferred from the architecture:

Severity	Condition	First Responder	Escalation
P1	API `/health` returning non-200; GKE pods unhealthy	On-call engineer	Platform lead within 15 minutes
P1	PHI database unreachable	On-call engineer	Platform lead + Compliance within 15 minutes
P2	Pipeline DLQ depth increasing; jobs stuck in `processing`	Pipeline team	Platform lead within 1 hour
P2	Smoke tests failing post-deploy	Deploying engineer	Rollback immediately; notify team
P3	Elevated `failed` count in `file_registry`	Support team	Pipeline team within 4 hours
P3	API key metrics anomaly	Platform admin	Review within 1 business day

5. Support Workflows

5.1 Ticket Triage

Incoming support requests should be categorized against the following matrix before assignment:

Category	Indicators	Owner
Onboarding — Facility	Invitation not received; registration stuck	Platform Admin
Onboarding — HIE	HIE registration pending approval	Platform Admin
Pipeline — File Failure	Record status `failed`; job not completing	Pipeline Team
Pipeline — DLQ	Job appears in dead letter queue	Pipeline Team
Auth	User cannot log in; role mismatch	Platform Admin (Clerk dashboard)
PHI Access	Unexpected PHI access audit entry	Compliance + Platform Lead
Billing	Subscription or checkout issue	Platform Admin
API Integration	API key not working; 401/403 errors	Platform Admin

5.2 Common Issues and Resolution Playbooks

PLAY-001: Facility User Cannot Log In

Confirm user exists in Clerk dashboard with correct email.
Check users table: SELECT * FROM users WHERE email = '<email>';
Verify is_active = true and organization_id is not null.
If the users row is missing, the Clerk webhook sync may have failed. Manually trigger re-sync or re-invite via POST /api/admin/invitations/facility-user.
Verify the user's Clerk role (clerk_role) matches the expected scope.

PLAY-002: Medical Record Stuck in `processing`

Query file_registry: SELECT id, status, created_at FROM file_registry WHERE status = 'processing' AND created_at < NOW() - INTERVAL '1 hour';
Check Celery worker logs for the corresponding job ID.
If the job is in the DLQ, retrieve the error trace from the DLQ topic and examine the payload.
Common causes: malformed HL7 segment, unsupported message type, vocabulary lookup failure against OMOP Athena.
For malformed payloads, update status to failed, notify the uploading organization, and provide the error detail.
For vocabulary misses, check config/fhir_mappings/vocabulary_maps.json and config/crosswalk/hl7_table_contexts.json for missing mappings.

PLAY-003: HIE Pending Approval Not Resolving

Navigate to /admin/registrations/hie in the platform admin UI, or GET /api/admin/registrations/hie.
Confirm the registration record exists and its status.
Use PATCH /api/admin/registrations/hie/:id to update state, or POST /api/admin/org-links/approve to approve the link.
Verify the associated Clerk organization exists and clerk_org_id is populated in the organizations table.

PLAY-004: API Key Returns 401

Confirm the key exists: GET /api/v1/admin/api-keys.
Check the key's scope — HIE keys, platform keys, and patient keys are distinct and not interchangeable.
Verify the key has not been revoked. If revoked, issue a new key via the appropriate admin UI or API.
Check GET /api/v1/admin/api-keys/metrics/platform for recent usage — no activity may indicate the wrong key is being used.

PLAY-005: Subscription / Checkout Failure

Check GET /api/admin/revenue/stats for subscription state.
Use POST /api/subscriptions/checkout to re-initiate checkout, or POST /api/subscriptions/cancel if the customer is cancelling.
Verify pricing tier configuration at GET /api/admin/pricing/tiers.

PLAY-006: PHI Audit Log Review

Retrieve audit events: GET /api/v1/admin/audit/phi-access with appropriate date range parameters.
Cross-reference with user sessions in Clerk.
Any unexpected access event must be escalated to Compliance immediately and documented. Do not delete audit records.

5.3 NPI Verification Failure

If a facility cannot complete onboarding due to NPI verification failure:

Manually verify the NPI at https://npiregistry.cms.hhs.gov/.
If the NPI is valid but the API is returning errors, check whether the NPPES API is experiencing an outage.
If NPPES is down, temporarily bypass NPI verification with a manual approval via PATCH /api/admin/registrations/facility/:id and document the exception.

6. Environment Management

6.1 Environment Overview

Environment	Web Host	API/Worker Host	Database (Platform)	Database (PHI)
Production	Vercel	GKE	GCP Cloud SQL (Platform)	GCP Cloud SQL (PHI)
Staging	Vercel (preview)	GKE (staging namespace)	GCP Cloud SQL (staging)	GCP Cloud SQL (staging)
Development	`localhost:3000`	`localhost:8000`	Local Postgres or Cloud SQL (dev)	Local Postgres (synthetic data only)
Alternate	Fly.io (`config/fly.toml`)	—	—	—

The orchestrator database (non-PHI) runs on the on-premise host at 192.168.0.251. The PHI Cloud SQL instance is GCP-managed and access is restricted to the FastAPI/Celery GKE workloads via Workload Identity (see commit fix: use workload identity for GCS access).

6.2 Environment Variable Configuration

The template for remote environment configuration is config/env.remote-example. Copy this file to .env and populate values before running services outside of CI.

Critical variables by service:

Variable	Service	Notes
`NEXT_PUBLIC_BACKEND_URL`	Next.js web	Guarded at call site; do not set to empty string in production
Clerk API keys	Next.js web	Set in Vercel project settings
GCS credentials	FastAPI / Worker	Injected via Workload Identity on GKE; service account key for local dev
Redis URL	Celery workers	Points to Redis broker for task queue
Platform DB URL	FastAPI / Next.js	GCP Cloud SQL (no PHI) connection string
PHI DB URL	FastAPI / Celery	GCP Cloud SQL (PHI) connection string — never expose to web tier

6.3 Developer Environment

Local development uses the profiles system in cli/src/config/profiles.ts. Developers should configure a development profile pointing to localhost:8000. PHI data must never be loaded into local development databases; use synthetic HL7/CCDA test fixtures from the tests/ directory.

6.4 Ignored Files by Environment

File	Purpose
`.vercelignore`	Excludes files from Vercel build
`.gcloudignore`	Excludes files from GCP deployments
`.railwayignore`	Excludes files from Railway deployments
`.dockerignore`	Excludes files from Docker build context

7. Secret Management

7.1 Secret Inventory

Secret	Consuming Service	Storage Location	Rotation Policy
Clerk Secret Key	Next.js API routes, `@clerk/backend`	Vercel environment variables	Rotate on suspected exposure; Clerk dashboard → API Keys
Clerk Webhook Signing Secret	`POST /api/auth/sync-user`	Vercel environment variables	Rotate if webhook endpoint is compromised
Platform DB password	FastAPI, Next.js	GCP Secret Manager or Vercel env	Rotate quarterly; update all consumers before rotating
PHI DB password	FastAPI, Celery workers	GCP Secret Manager	Rotate quarterly; coordinate with GKE deployment
GCS Service Account Key (dev)	Local dev only	Developer machine only	Per-developer; revoke on offboarding
GKE Workload Identity	FastAPI, Celery (production)	GCP IAM — no key file	Managed by GCP; review IAM bindings quarterly
Redis password	Celery workers	GCP Secret Manager or Kubernetes Secret	Rotate quarterly
API keys (platform)	CLI, external integrations	Platform database	User-managed; revocable via `DELETE /api/v1/admin/api-keys`

7.2 Secret Scanning

GitLeaks is configured via .gitleaks.toml and runs as a pre-commit hook (.pre-commit-config.yaml). Any commit containing a pattern matching a known secret format is blocked. The code-quality.yml workflow also runs secret scanning in CI.

If a secret is detected in git history:

Immediately rotate the affected credential.
Force-push a cleaned history using git filter-repo or BFG Repo Cleaner.
Notify the security team and document the incident.
Audit access logs for the affected credential's usage window.

7.3 PHI Isolation

The PHI Cloud SQL instance is never accessible from the Next.js web tier. Only the FastAPI and Celery workloads running on GKE with Workload Identity bindings can connect. The NEXT_PUBLIC_BACKEND_URL variable is guarded at the call site in the web application to prevent accidental direct PHI database exposure.

De-identification rules are maintained in config/deid/default_rules.csv. Any change to these rules requires review by the Compliance lead before deployment.

8. Health Checks and Status

8.1 FastAPI Health Endpoint

Route: GET http://<api-host>:8000/health
Defined in: src/api/main.py (FastAPI application entry point)
Expected response: HTTP 200 with a JSON body indicating service status.
Docker HEALTHCHECK: Every 30 seconds, 10-second timeout, 40-second start period, 3 retries before marking unhealthy.

# Manual check
curl -f http://localhost:8000/health

8.2 Next.js Web Health Endpoint

Route: GET /api/web/health
File: web/src/app/api/health/route.ts
Expected response: HTTP 200.
Use: Vercel deployment health checks and uptime monitoring.

curl -f https://<web-host>/api/health

8.3 Database Connectivity

Database connectivity is implicitly verified by the API health check — if the platform database is unreachable, the health endpoint should reflect that. Operators can manually verify connectivity using postgresql-client (included in the API Docker image):

# From within a running API container
psql $DATABASE_URL -c "SELECT 1;"

The orchestrator database host is 192.168.0.251. Ensure network policy allows GKE pods egress to this host if on-premise connectivity is required.

8.4 Pipeline Job Health

Job health is observable through the file_registry table. The following query identifies jobs that have been stuck in processing for more than 30 minutes, which indicates a likely worker failure:

SELECT id, file_name, file_type, status, created_at, updated_at
FROM file_registry
WHERE status = 'processing'
  AND updated_at < NOW() - INTERVAL '30 minutes'
ORDER BY updated_at ASC;

A high count of failed records indicates a systemic pipeline issue and should trigger P2 escalation.

8.5 Post-Deploy Verification Checklist

After any production deployment, complete the following checks before declaring the release stable:

GET /api/web/health returns HTTP 200
GET http://<api-host>:8000/health returns HTTP 200
Smoke test workflow (smoke-test.yml) passed in GitHub Actions
/dashboard/network/jobs shows no unexpected increase in failed jobs
GET /api/v1/admin/api-keys/metrics/platform shows no authentication errors
Celery workers are consuming from the queue (no queue depth growth in Redis)
PHI database connectivity confirmed via API health check
No unexpected entries in GET /api/v1/admin/audit/phi-access since deployment

This document reflects the repository state as of commit fc207dd. Update after each significant infrastructure change. Owner: Platform Engineering.