Pre-merge
- PR has at least one approving review from someone other than the author.
- CI checks pass (tests, lint, build).
- Static analysis findings reviewed.
- Dependency scanning findings reviewed; no new criticals/highs.
- Secret scan clean.
- Env / config check — every new production env var that holds a secret reads from Vault at runtime; no secret values in
.env,config.yaml,values.yaml, container images, Helm charts, Terraform state, staticSecretmanifests, or CI logs. See Secrets Management → Application configuration and environment variables. - Migrations are backward-compatible (or flagged with an explicit downtime plan).
- Tests added / updated.
- Documentation updated (public APIs, operational changes).
Pre-deploy
- Tested in staging.
- Rollback plan documented in the release ticket.
- Stakeholders informed if customer-facing.
- Runbook updated if on-call response changes.
Post-deploy
- Smoke tests pass.
- Error rates and latency dashboards green.
- No new alerts firing.
- Release notes published (where applicable).
Security-sensitive releases
For changes to authentication, authorization, payment handling, customer data export, or other sensitive areas:- Threat model reviewed by Security.
- Pen-test or targeted review completed if scope warrants.
- Logging and audit trail verified.
Version history
| Version | Date | Description | Author | Approved by |
|---|---|---|---|---|
| 1.0 | May 8, 2026 | Initial version | Cameron Wolfe | Ishan Jadhwani |