-
Notifications
You must be signed in to change notification settings - Fork 0
DevOps Release Process
Rick Hightower edited this page Jan 28, 2026
·
1 revision
CCH releases follow a structured process ensuring quality and traceability:
-
Development on
developbranch (Fast CI) -
Validation via PR to
main(Full IQ/OQ/PQ) -
Release tag from
main - Deployment via GitHub Releases
Before creating a release PR:
- All planned features merged to
develop - All tests passing on
develop - Version updated in
cch_cli/Cargo.toml - CHANGELOG updated
- Documentation updated
# Ensure develop is clean
git checkout develop
git pull origin develop
# Verify all tests pass
cd cch_cli && cargo test
cd ..
# Update version if needed
# Edit cch_cli/Cargo.toml# Create PR from develop to main
gh pr create \
--base main \
--head develop \
--title "Release: v1.x.x" \
--body "## Release v1.x.x
### Changes
- Feature A
- Feature B
- Bug fix C
### Validation
Full IQ/OQ/PQ validation will run automatically."The PR triggers Full Validation (~10-15 minutes):
| Phase | What Runs |
|---|---|
| IQ | 4-platform installation tests |
| OQ | All operational test suites |
| PQ | Performance and memory tests |
| Report | Validation summary generated |
All phases must pass before merge.
Download validation artifacts from the GitHub Actions run:
- Go to Actions tab
- Find the validation workflow run
- Download artifacts:
-
iq-evidence-*(per platform) oq-evidencepq-evidencevalidation-report
-
# After PR approval and validation passes
# Merge via GitHub UI
# Pull the merged main
git checkout main
git pull origin main
# Create annotated tag
git tag -a v1.x.x -m "Release v1.x.x
Changes:
- Feature A
- Feature B
- Bug fix C"
# Push tag
git push origin v1.x.xgh release create v1.x.x \
--title "CCH v1.x.x" \
--notes "## What's New
### Features
- Feature A
- Feature B
### Bug Fixes
- Bug fix C
### Validation
- IQ: Passed on macOS (ARM64, Intel), Linux, Windows
- OQ: All test suites passed
- PQ: Performance requirements met"For critical fixes that can't wait for normal release cycle:
git checkout main
git pull origin main
git checkout -b hotfix/critical-issue# Minimal changes only
git add .
git commit -m "fix: critical security issue"git push -u origin hotfix/critical-issue
gh pr create \
--base main \
--title "hotfix: critical security issue" \
--body "## Hotfix
### Issue
Description of the critical issue.
### Fix
Description of the fix.
### Testing
- [ ] Verified fix locally
- [ ] Full validation will run"# After hotfix merged to main
git checkout develop
git pull origin develop
git cherry-pick <hotfix-commit-hash>
git push origin developCCH follows Semantic Versioning:
| Version | When to Increment |
|---|---|
| MAJOR (1.x.x) | Breaking changes |
| MINOR (x.1.x) | New features, backward compatible |
| PATCH (x.x.1) | Bug fixes, backward compatible |
Validation evidence is retained per release:
| Release Type | Retention |
|---|---|
| Major | Indefinite |
| Minor | 2 years minimum |
| Patch | 1 year minimum |
Store evidence in docs/validation/sign-off/v{version}/.
If a release has critical issues:
# Identify last good release
git log --oneline --tags
# Create hotfix from last good release
git checkout v1.x.x # last good version
git checkout -b hotfix/rollback-issue
# Cherry-pick fix or revert problematic commit
git revert <bad-commit>
# Follow hotfix process above# Collect all validation evidence
task collect-all
# Generate validation report
task validation-report- Release tag push triggers release workflow
- Binaries automatically built and attached to release
- Evidence available as workflow artifacts