This document defines how Sovra changes move from PR to production.
masteris the release branch.- Changes land through PRs with required status checks green.
- Required checks:
CI,Security, andRelease Readiness. - Merge automation should only merge when all required checks are green.
Run from repo root:
pnpm install
pnpm lint
pnpm test
pnpm typecheck
pnpm --filter @sovra/web build
pnpm go:test
pnpm go:build
./scripts/ci/release-readiness-checks.sh- Keep in-flight work under
## [Unreleased]inCHANGELOG.md. - At release time, cut a version section with date:
## [X.Y.Z] - YYYY-MM-DD
- Tag releases with annotated tags:
git tag -a vX.Y.Z -m "Sovra vX.Y.Z"
git push origin vX.Y.ZBefore production deploy:
- Deploy web + worker to staging.
- Validate critical paths:
- Auth + tenant access
- Workspace realtime join/broadcast
- MCP endpoint auth and tool execution
- Admin system health page
- Monitor logs/errors for at least 30 minutes.
Recommended order:
- Deploy worker.
- Deploy web.
- Apply additive migrations.
- Verify health endpoints and realtime collaboration paths.
If a critical regression is detected:
- Roll back web and/or worker to last known-good build.
- Disable risky feature toggles if available.
- Record incident timeline and owner.
- Ship fix-forward patch with regression tests.
Avoid destructive DB rollback. Prefer forward migrations restoring compatibility.