Context
Surfaced by Blind Hunter on PR #48 (story 9-9, finding D18).
Concern
SENTRY_AUTH_TOKEN is set as an EAS env var for both production and preview environments (per runbook §2.3). The OTA workflow's post-publish verification step (added in PR #48 review patch P8) asserts the source-map upload succeeded — but this fires for both channels uniformly.
The story-level verification step in runbook §3.2 ("First-Build Verification → Confirm Sentry source maps uploaded") is only documented for production. Preview builds will quietly succeed source-map upload (or quietly fail) without anyone noticing until a preview crash report is unreadable.
Suggested fix
Pick one:
- Add §3.2-equivalent for preview —
_bmad-output/planning-artifacts/runbooks/submit-and-deploy.md gets a sub-section confirming preview source-map upload after the first preview build / OTA.
- Drop SENTRY_AUTH_TOKEN from preview env — if no one debugs preview crashes via Sentry, save the upload cost. (Probably wrong — preview IS the verification surface.)
- Synthetic-crash test in CI — extend the post-publish step in
ota-update.yml to actually fire a synthetic crash and grep Sentry for the deobfuscated stack. (Heavyweight; may be over-engineering for v1.)
Files
_bmad-output/planning-artifacts/runbooks/submit-and-deploy.md (§3.2)
.github/workflows/ota-update.yml
Pull request: #48
Context
Surfaced by Blind Hunter on PR #48 (story 9-9, finding D18).
Concern
SENTRY_AUTH_TOKENis set as an EAS env var for bothproductionandpreviewenvironments (per runbook §2.3). The OTA workflow's post-publish verification step (added in PR #48 review patch P8) asserts the source-map upload succeeded — but this fires for both channels uniformly.The story-level verification step in runbook §3.2 ("First-Build Verification → Confirm Sentry source maps uploaded") is only documented for production. Preview builds will quietly succeed source-map upload (or quietly fail) without anyone noticing until a preview crash report is unreadable.
Suggested fix
Pick one:
_bmad-output/planning-artifacts/runbooks/submit-and-deploy.mdgets a sub-section confirming preview source-map upload after the first preview build / OTA.ota-update.ymlto actually fire a synthetic crash and grep Sentry for the deobfuscated stack. (Heavyweight; may be over-engineering for v1.)Files
_bmad-output/planning-artifacts/runbooks/submit-and-deploy.md(§3.2).github/workflows/ota-update.ymlPull request: #48