|
| 1 | +# Release Workflow |
| 2 | + |
| 3 | +`dev` is the integration branch. `master` is the reviewed release branch. |
| 4 | +Production deployment remains a separately authorized operation described in |
| 5 | +[Production operations](operations.md). |
| 6 | + |
| 7 | +## Branch Flow |
| 8 | + |
| 9 | +1. Open each focused feature pull request against `dev`. |
| 10 | +2. Review and merge the feature into `dev`. |
| 11 | +3. Treat the resulting `dev` merge commit as the release candidate. Its push |
| 12 | + CI and CodeQL push runs must finish before promotion is considered. |
| 13 | +4. Open a reviewed promotion from that exact `dev` commit to `master`. |
| 14 | +5. After the promotion is merged and its `master` push CI passes, perform the |
| 15 | + separately authorized deployment procedure. |
| 16 | + |
| 17 | +Do not bypass `dev` by merging feature work directly to `master`. A new commit |
| 18 | +on `dev` after release-candidate validation requires a new validation run. |
| 19 | + |
| 20 | +## Promotion Evidence |
| 21 | + |
| 22 | +Before approving a `dev` to `master` promotion, record or link the following in |
| 23 | +the promotion pull request: |
| 24 | + |
| 25 | +- the exact `dev` commit SHA and its successful CI and CodeQL push runs, |
| 26 | + including Cypress for full-stack changes; |
| 27 | +- the review that approved the promotion and any issue or milestone links; |
| 28 | +- focused and broad checks relevant to the change, including checks not run; |
| 29 | +- schema migration compatibility and data-backfill evidence when persistence |
| 30 | + changes are included; and |
| 31 | +- the intended deployment target plus the rollback path validated under |
| 32 | + [Production operations](operations.md#failed-deployments-and-rollback). |
| 33 | + |
| 34 | +## Release Blockers |
| 35 | + |
| 36 | +A reviewer or release maintainer must block promotion when any required CI check |
| 37 | +fails, the candidate SHA is unclear, review is incomplete, a migration cannot |
| 38 | +run alongside the previous application image, deployment preflight or backup |
| 39 | +restore evidence is missing, rollback has not been verified, or a security or |
| 40 | +privacy concern is unresolved. Production deployment also stops without the |
| 41 | +explicit operational authorization required by the operations guide. |
| 42 | + |
| 43 | +## Deployment Handoff |
| 44 | + |
| 45 | +After `master` CI is green, follow the operations guide in order: |
| 46 | + |
| 47 | +1. complete the [preflight](operations.md#preflight) checks; |
| 48 | +2. deploy with the documented procedure; |
| 49 | +3. perform the [verification and monitoring](operations.md#verification-and-monitoring) |
| 50 | + checks; and |
| 51 | +4. use the documented rollback procedure if readiness or verification fails. |
| 52 | + |
| 53 | +This checklist is release evidence, not a substitute for the production |
| 54 | +authorization, secrets, backups, or host-level checks described in the |
| 55 | +operations guide. |
0 commit comments