Section 10 · Deployment & Operations

Deployments

Deployment pipeline stability, notifications, build performance, and release tagging

4 items 3 critical 1 recommended

This guide walks you through auditing a project's deployment pipeline, including workflow stability, notifications, build performance, and release tagging.

The Goal: Push-Button Releases

Deployments are boring, predictable events. The team knows instantly when code ships and can roll back if needed.

  • Stable — deployment workflow documented and rarely fails (<10% failure rate)
  • Visible — team notified on both success and failure, not just problems
  • Fast — builds optimized with caching and parallelization
  • Tagged — every production release gets a version tag for traceability
  • Reversible — clear rollback path when things go wrong

Before You Start

  1. Confirm you're in the target repository's root directory
  2. Have gh CLI authenticated with access to the repo
  3. Know the repository owner/name for API calls

Pipeline Stability

DEPLOY-001
Clear, stable deployment workflow critical

Documented deployment workflow that runs reliably

“When did a deploy last fail in a way nobody noticed?”
DEPLOY-002
Deployment failures tracked and team notified critical

Team notified on both deployment success and failure

“How would you find out about a silent deploy failure?”

Build Performance

DEPLOY-003
Build performance optimized recommended

Caching and parallelization keep builds fast

“How long do your engineers wait for a build to finish?”

Release Management

DEPLOY-004
Production deployments tagged critical

Every production deployment gets a tag for traceability

“What's running in production right now — exact version?”
← Previous section

Development Workflow

6 items

 Next section →

Access Control

3 items