Skip to main content

Decide on Release Promotion Strategy

Problem and Context

We need to control when a release is deployed to a given stage (E.g. dev, staging, production).

We must decide how releases will be promoted from staging to production.

How that will be accomplished will depend on whether or not GitHub Enterprise features are available and whether or not it’s possible to use semantic versioning or not.

Assumptions

  • Auto deployment to the dev stage will be triggered upon every commit to the default branch (e.g. main)

Options

Option A: Automatically Deploy to Staging on Every Release, Use GitHub Approval Steps for Production

Pros
  • Natively supported by GitHub

  • Environment protection rules ensure RBAC restricts who can approve deployments

Cons
  • Requires GitHub Enterprise, as GitHub Approvals, GitHub Environment protection rules (and Environment Secrets) are only available in GitHub Enterprise.

Option B: Automatically Deploy to Staging on Every Release, Use Manual GitHub Action Workflow to Production Deployments

Pros
  • Does not require GitHub Enterprise

  • Staging always represents the latest release

Cons
  • No environment protection rules; anyone who can run the workflow can deploy. Mitigated by customizing the workflow with business logic to restrict it, but not supported by Cloud Posse today.

Option C: Use Manual GitHub Action Workflow for Staging and Production Deployments

Pros
  • Does not require GitHub Enterprise

  • Full control over when every stage is updated

Cons
  • More manual operations to promote a release

  • No environment protection rules; anyone who can run the workflow can deploy. Mitigated by customizing the workflow with business logic to restrict it, but not supported by Cloud Posse today.

Out of Scope

  • Tightly coupled multi-service application deployments