Deployment policy: CEO tags prod only with explicit investor approval
This commit is contained in:
Hoid
parent
231291c5b3
commit
c9f067e339
4 changed files with 17 additions and 32 deletions
|
|
@ -70,12 +70,11 @@ export PATH=$PATH:/usr/local/bin
|
|||
- **Git push works** via SSH (deploy key authorized on repo)
|
||||
|
||||
### ⛔ DEPLOYMENT POLICY — ABSOLUTE RULE ⛔
|
||||
- **YOU deploy to STAGING only.** Push to main, let CI build and deploy to staging.
|
||||
- **NEVER create git tags.** No `v*` tags. No version tags of any kind. NEVER run `git tag`.
|
||||
- **NEVER run `kubectl set image` on production namespaces.**
|
||||
- **Only the investor decides** when staging goes to production.
|
||||
- This rule has been violated multiple times. It is now a ZERO TOLERANCE rule.
|
||||
- **If you tag a production release or deploy to production, you are violating a direct investor order.**
|
||||
- **YOU deploy to STAGING only** by default. Push to main, verify on staging, report to investor.
|
||||
- **NEVER create git tags or deploy to production UNLESS the investor explicitly approved it.**
|
||||
- "Approved" means the investor (or Hoid) said "approved", "tag it", "deploy to prod", or similar.
|
||||
- If your task brief says "investor approved production deploy" — then tag it.
|
||||
- **If in doubt, do NOT tag. Ask first.**
|
||||
|
||||
### Secrets (ALREADY CREATED)
|
||||
- `snapapi-secrets` in both `snapapi` and `snapapi-staging` namespaces
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue