08 — Release Workflows

Task 8: design release workflows. How a green main becomes a versioned, promoted, rollback-able production release — and a self-host artifact.


1. Versioning & changelog


2. The release & promotion flow

```mermaid
flowchart LR
    classDef m fill:#fde68a,stroke:#b45309,color:#111827;
    classDef g fill:#fbcfe8,stroke:#be185d,color:#111827;
    classDef e fill:#bbf7d0,stroke:#15803d,color:#111827;
    classDef x fill:#fecaca,stroke:#b91c1c,color:#111827;
    main["green main → digest D (signed, SBOM)"]:::m --> dev["dev (auto-sync D)"]:::e
    dev -->|"release-please tag vX.Y.Z + changelog"| rc["staging: GitOps PR pins D"]:::g
    rc -->|"e2e + load + soak pass"| gate{"manual approval<br/>+ sync window open?"}:::g
    gate -- yes --> prod["prod: GitOps PR pins D → canary ([04])"]:::e
    gate -- no --> hold["hold"]:::x
    prod -->|"analysis pass"| stable["stable"]:::e
    prod -->|"analysis fail"| rb["auto-abort → stable"]:::x
```
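The prod gate in the flowchart above can be enforced as a CI check on the GitOps PR. The following is an added example, not code from this design or from release-please or ArgoCD; the function names, the sync-window format, the registry name and the sample digest are assumptions.

```python
import re
from datetime import datetime, time, timezone

# Digest-pinned reference: <repo>[:tag]@sha256:<64 hex>. Tag-only refs are mutable.
DIGEST_REF = re.compile(r"^[^@\s]+@(sha256:[0-9a-f]{64})$")

def pinned_digest(image_ref):
    """Return the sha256 digest of a digest-pinned reference, else None."""
    m = DIGEST_REF.match(image_ref.strip())
    return m.group(1) if m else None

def in_sync_window(now, windows):
    """windows: (weekday, start, end) tuples in UTC (assumed policy format)."""
    return any(now.weekday() == d and s <= now.time() < e for d, s, e in windows)

def prod_gate(main_digest, staging_ref, prod_ref, checks, approved, now, windows):
    """Mirror the flowchart gate: ("promote", []) or ("hold", [reasons])."""
    reasons = []
    s, p = pinned_digest(staging_ref), pinned_digest(prod_ref)
    if s is None or p is None:
        reasons.append("image not pinned by digest")
    elif not (s == p == main_digest):
        reasons.append("digest is not the one built on main and soaked in staging")
    missing = [c for c in ("e2e", "load", "soak") if not checks.get(c)]
    if missing:
        reasons.append("staging checks not passed: " + ", ".join(missing))
    if not approved:
        reasons.append("no manual approval")
    if not in_sync_window(now, windows):
        reasons.append("sync window closed")
    return ("hold", reasons) if reasons else ("promote", [])

# Constructed sample values (not from the design document).
D = "sha256:" + "ab" * 32
REF = "registry.example/app@" + D
WINDOWS = [(1, time(9, 0), time(16, 0))]                   # Tuesdays 09:00-16:00 UTC
OPEN = datetime(2024, 1, 2, 10, 0, tzinfo=timezone.utc)    # a Tuesday
CLOSED = datetime(2024, 1, 6, 10, 0, tzinfo=timezone.utc)  # a Saturday
PASSED = {"e2e": True, "load": True, "soak": True}

if __name__ == "__main__":
    print(prod_gate(D, REF, REF, PASSED, True, OPEN, WINDOWS))
    print(prod_gate(D, REF, "registry.example/app:v1.2.3", PASSED, True, CLOSED, WINDOWS))
```

A reference that carries only a tag is rejected even when the tag currently resolves to D, because the tag can be repointed after approval.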

3. Rollback & hotfix

| Need | Action | Speed |
|---|---|---|
| Canary regressing | automatic abort (Argo Rollouts) | seconds |
| Bad release already at 100% | git revert the digest bump → ArgoCD re-syncs prior digest | minutes |
| Urgent prod fix | hotfix branch off the release tag → patch release → expedited promotion (skip nonprod where justified, still canary) | fast |
| Schema issue | roll forward (expand/contract); PITR last resort (12) | |

Because artifacts are immutable and state is in Git, rollback is a commit revert, not a fire drill.


4. Self-host release artifacts

A release publishes, in addition to the SaaS promotion:

So self-hosters consume the same tested artifacts, versioned and signed.


5. Cadence & communication


6. Tradeoffs / Alternatives / Scaling

Tradeoffs. Automated versioning/changelog requires commit-message discipline (Conventional Commits) — a small tax for reproducible, human-free releases. Manual prod gate trades a little speed for safety on a data-custody product.

Alternatives considered.

Scaling concerns.

References