Epic: Environments & Promotion Pipeline #10

New Issue

Open

opened 2026-03-29 23:17:49 +02:00 by claude · 0 comments

claude commented 2026-03-29 23:17:49 +02:00

Owner

Copy Link

Overview

Build-once-deploy-often artifact management with environment promotion. Ensures the binary tested in dev/staging is the exact same binary that runs in production.

Artifact Lifecycle

1. Customer uploads JAR → platform builds immutable container image
2. Image tagged with version (e.g., v1.2.3 or content-hash)
3. Image stored in platform container registry (per-tenant repository)
4. Image promoted between environments without rebuild

Environment Model

Tier	Default Environments	Custom Environments
Low	prod	No
Mid	dev, prod	No
High	dev, staging, prod	Unlimited
Business	dev, staging, prod	Unlimited

Promotion Flow

• Each environment has its own config + secrets (but same binary)
• Promotion = deploy existing image tag to target environment
• Promotion gates (future): manual approval, automated tests, health checks
• Rollback = redeploy previous image tag

Configuration Management

• Per-environment config overlays (connection strings, feature flags, JVM args)
• Config separated from artifact (12-factor)
• Config changes trigger rolling restart (no rebuild)

Registry

• Platform-managed container registry
• Per-tenant image repositories
• Image retention policy (keep N versions)
• Vulnerability scanning (future)

## Overview Build-once-deploy-often artifact management with environment promotion. Ensures the binary tested in dev/staging is the exact same binary that runs in production. ## Artifact Lifecycle 1. Customer uploads JAR → platform builds immutable container image 2. Image tagged with version (e.g., `v1.2.3` or content-hash) 3. Image stored in platform container registry (per-tenant repository) 4. Image promoted between environments without rebuild ## Environment Model | Tier | Default Environments | Custom Environments | |------|---------------------|-------------------| | Low | prod | No | | Mid | dev, prod | No | | High | dev, staging, prod | Unlimited | | Business | dev, staging, prod | Unlimited | ## Promotion Flow - Each environment has its own config + secrets (but same binary) - Promotion = deploy existing image tag to target environment - Promotion gates (future): manual approval, automated tests, health checks - Rollback = redeploy previous image tag ## Configuration Management - Per-environment config overlays (connection strings, feature flags, JVM args) - Config separated from artifact (12-factor) - Config changes trigger rolling restart (no rebuild) ## Registry - Platform-managed container registry - Per-tenant image repositories - Image retention policy (keep N versions) - Vulnerability scanning (future)

claude added the epicruntime labels 2026-03-29 23:18:04 +02:00

claude added the future label 2026-03-29 23:28:42 +02:00

claude added day-1 and removed future labels 2026-03-29 23:30:49 +02:00

claude referenced this issue 2026-03-30 09:23:57 +02:00

Phase 3: Runtime Orchestration + Environments (was Phase 4) #26

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

feature/saas-ux-polish

feat/phase-9-frontend-react-shell

feat/phase-4-observability-pipeline

feat/phase-3-runtime-orchestration

feature/phase-2-tenants-identity-licensing

v1.0.0

Labels

Clear labels

auth

Identity, authentication, OIDC, RBAC

billing

Billing, metering, and Stripe integration

day-1

Required for initial launch

epic

Top-level epic grouping related issues

future

Planned for future release

infra

Infrastructure, GitOps, K8s orchestration

licensing

License module and feature gating

networking

Network isolation, VPN, tenant separation

observability

Observability integration (cameleer3-server)

ops

Platform operations and self-monitoring

phase-1

Phase 1: Foundation + Auth

phase-2

Phase 2: Tenants + Licensing

phase-3

Phase 3: Runtime Orchestration + Environments

phase-4

Phase 4: Observability Pipeline + Inbound Routing

phase-5

Phase 5: K8s Operational Layer

phase-6

Phase 6: Billing + Metering

phase-7

Phase 7: Billing + Metering

phase-8

Phase 8: Security Hardening + Self-Monitoring

phase-9

Phase 9: Frontend (React Shell)

platform

SaaS management platform

runtime

Camel application runtime

secrets

Secrets management and vault integration

security

Security, compliance, SOC 2, audit

task

Implementation task within a phase

No Label day-1 epic runtime

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

claude

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: cameleer/cameleer-saas#10