old.cms.fellies.org/docs/product-engineering/delivery-pipeline.md

Delivery Pipeline

Scope

Operational pipeline baseline for image build/push, staging deploy, production promotion, and rollback.

Registry Credentials Strategy

Use scoped Gitea secrets:

• CMS_IMAGE_REGISTRY
• CMS_IMAGE_NAMESPACE
• CMS_IMAGE_REGISTRY_USER
• CMS_IMAGE_REGISTRY_PASSWORD

Policy:

• credentials only in CI secrets
• no plaintext credentials in repo
• least privilege: push/pull for target namespace only

Build and Push Flow

• Workflow: .gitea/workflows/release.yml
• Trigger:
  • tag push vX.Y.Z
  • manual workflow_dispatch
• Steps:
  1. validate tag vs root package.json version
  2. generate changelog
  3. extract release notes from CHANGELOG.md
  4. docker login
  5. build and push cms-web and cms-admin images
  6. publish/update Gitea release notes through API

Additional required secret:

• GITEA_RELEASE_TOKEN

Staging Deployment Automation

• Workflow: .gitea/workflows/deploy.yml
• Manual input:
  • environment=staging
  • image_tag=vX.Y.Z
• Remote deployment uses SSH + compose file:
  • docker-compose.staging.yml

Required secrets:

• CMS_STAGING_HOST
• CMS_STAGING_USER
• CMS_DEPLOY_KEY
• CMS_REMOTE_DEPLOY_PATH

Production Promotion and Rollback

Promotion:

• run deploy workflow with:
  • environment=production
  • image_tag=vX.Y.Z

Rollback:

• release workflow supports manual production rollback by rollback_image_tag
• deploy workflow supports rollback_tag input for environment-specific rollback
• recovery action:
  • rerun deploy/rollback with previous known-good tag

Deployment Verification

After deploy:

1. app health checks (web/admin)
2. auth smoke flow
3. i18n smoke flow
4. critical route checks (/, /login, /todo)

Notes

• Current workflows are production-oriented scaffolds and require secret provisioning in Gitea.
• Host hardening, network ACLs, and backup policy remain mandatory operational controls.