shredbx logo
shredbx shredbx shredbx shredbx Personal
  • Home
  • Lab
  • Portfolio
  • Experience
  • Services
  • Profile
  • Contact
AClaude
  • Home
  • Lab
  • Portfolio
  • Experience
  • Services
  • Profile
  • Contact
Andrei Solovev
Knowledge
Search knowledge... ⌘K
Knowledge · Rules · Process

Deployment Standard

Define quality gates, requirements, and checklists for governed deployment of workspace projects

Andrei Solovev

Tags

rule

Overview

Purpose

Define quality gates, requirements, and checklists for governed deployment of workspace projects

Rules

DEPLOY-001: Every deployable project MUST have a docker-compose.prod.yml checked into Git

The compose file IS the deployment contract — deterministic, versioned, reviewable

DEPLOY-002: Every deployed service MUST expose a /health endpoint returning 200 when healthy

Health checks are the only reliable way to verify deployment success

DEPLOY-003: Rollback MUST be achievable within 120 seconds of detecting a failed deployment

Bounded rollback time limits the blast radius of bad deployments

DEPLOY-004: Each application MUST use its own SA token — never share OP_SERVICE_ACCOUNT_TOKEN across apps

Per Decision

DEPLOY-005: Deployed service ports MUST match the server's port registry allocation

Port conflicts cause silent failures. Registry is source of truth.

DEPLOY-006: Secrets MUST be injected via environment variables or op:// references — never hardcoded in compose files or code

Secrets in Git = security vulnerability. Use 1Password op:// references.

DEPLOY-007: All production services MUST use restart policy "unless-stopped"

Services must survive container crashes and host reboots

DEPLOY-008: All production services SHOULD define memory and CPU limits

Unbounded resource usage can crash the host and affect other services

DEPLOY-009: Production builds MUST use Dokploy compose-from-Git — no pre-built images from GHCR

Simplified pipeline — Dokploy pulls repo, builds images, deploys. No registry overhead.

DEPLOY-010: Every service in docker-compose.prod.yml MUST have a healthcheck section

Docker health checks enable Dokploy to detect and respond to unhealthy containers

shredbx logo shredbx shredbx shredbx shredbx Andrei Solovev

Solution Architect & Lead Software Engineer

ExperiencePortfolioResearch & ExperimentsEducationCertificationSkills
GitHub ↗LinkedIn ↗Email ↗
AVAILABLE FOR NEW PROJECTS
// MY LATEST BEATS
Hobby & Interests

Lab

  • The Lab
  • Framework
  • Components
  • Packages
  • Games
  • Process (SDLC)
  • Knowledge
  • Blog

Andrei

  • Portfolio
  • Experience
  • Services
  • Profile
  • Contact
  • Lifestyle

Team

  • Team
  • Andrei
  • Claude

Legal

  • Privacy
  • Terms
  • Cookies
© 2026 shredbx.com. All rights reserved. — Andrei Solovev |