First to Site
Release 3.6

Release Pipeline Hardening

Persistent per-env runtime config, production symlink rename, port scheme rationalisation

Overview

The release script now assembles a build worktree from a clean git checkout, pulls runtime config from a persistent per-environment directory, and atomically swaps the environment symlink on success. Release directory naming and port allocations were rationalised so an operator can tell at a glance which release is live and which service lives on which port.

What Changed

Persistent Runtime Config

  • ~/config/<env>/ on each host now holds app.env.local, ordering.env.local, app.credentials.json, ordering.credentials.json, and Google API tokens.
  • Release script copies these into the fresh build worktree before running schema migrations. Clean checkouts do not carry production secrets.
  • Rotating a secret means editing one file per host. No more per-release copy scripts.

Production Symlink Rename

  • Production lived at ~/source with releases named source-YYYYMMDD-HHMMSS.
  • Renamed to ~/live with releases named live-YYYYMMDD-HHMMSS to match operator mental model.
  • Preprod, candidate, UAT, and staging use the same pattern (~/preprod, ~/candidate, etc.) with matching release dirs.

Port Scheme

Range    Environment
3xxxx    production
4xxxx    preprod
5xxxx    candidate

  • releases (supervisor) and dossier-api (systemd) processes allocated into their env's range.
  • post-release.sh restarts the correct processes based on LIVE_LINK_NAME / DEPLOY_ENV.

Webpack / Asset Pipeline

  • Symfony UX vendor packages now copied into node_modules/ for the Stimulus bridge to locate them during build.
  • assets:install runs in the final release location rather than the build worktree so the symlinks land on the right path.
  • Re-publish Symfony assets after the build-worktree -> releases-dir move.
  • app/public/uploads and app/public/media re-created as symlinks to /mnt/efs/ftsuser/media-files/... on every release so user-uploaded content survives a deploy.

Bare Repo Fetch Hardening

  • Release script updates all branch refs during fetch, not just the tracked one, so feature-branch builds work correctly.
  • Reliable git changelog generation + auto-cleanup of old release dirs (keep last 3).
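
The atomic symlink swap from the Overview and the keep-last-3 cleanup listed above, sketched in shell as an added example; this is not the project's release-prod-safe.ts. The function names, the BASE argument, the use of GNU `mv -T`, and the guard that never prunes the release the link currently points at are assumptions.

```sh
# Added example. Layout follows these notes: BASE/<env> is a symlink to
# BASE/<env>-YYYYMMDD-HHMMSS. Function names and BASE are hypothetical.

# swap_link BASE ENV RELEASE: repoint BASE/ENV at RELEASE in one step.
swap_link() {
  local base="$1" env="$2" release="$3" tmp
  [ -d "$base/$release" ] || { echo "missing release: $release" >&2; return 1; }
  tmp="$base/.$env.tmp.$$"
  ln -s "$release" "$tmp" || return 1
  # rename(2) replaces the old link atomically, so readers never see a
  # missing link. -T (GNU mv) stops mv from moving tmp *into* the
  # directory the existing link resolves to.
  mv -T "$tmp" "$base/$env" || { rm -f "$tmp"; return 1; }
}

# prune_releases BASE ENV [KEEP]: remove all but the newest KEEP release
# directories. The directory the env link points at is always kept, so a
# rollback to an older release is not deleted from under the live link.
prune_releases() {
  local base="$1" env="$2" keep="${3:-3}" target live dir name
  target=$(readlink "$base/$env") || return 1
  live="${target##*/}"
  # Only names matching the timestamp pattern are candidates; anything
  # else in BASE (config dirs, the links themselves) is never touched.
  for dir in "$base/$env"-????????-??????; do
    [ -d "$dir" ] && [ ! -L "$dir" ] && printf '%s\n' "${dir##*/}"
  done |
    sort -r |                      # timestamped names: newest first
    tail -n +"$((keep + 1))" |     # everything past the newest KEEP
    while IFS= read -r name; do
      if [ "$name" != "$live" ]; then
        rm -rf -- "${base:?}/$name"
      fi
    done
}
```
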

Files Touched

File                              Change
scripts/release-prod-safe.ts      Build worktree, config copy, symlink swap
scripts/post-release.sh           Service restart dispatch on env
scripts/bootstrap-prod.ts         Production bootstrap with full vendor copy
Environment config on each host   New ~/config/<env>/ layout

Changelog Reference

  • feat: rename production symlink from source to live (27ccdf0)
  • feat: use persistent ~/config/<env>/ for runtime files during release (20df588)
  • feat: add release:candidate command for candidate environment (246134a)
  • fix: align post-release service restarts with new port scheme (fd3c38f)
  • fix: copy Symfony UX vendor packages into node_modules for Stimulus bridge (03f70a5)
  • fix: re-publish Symfony assets after moving build to releases dir (135c1b7)
  • fix: restore persistent symlinks (media/uploads) from live release (b38cc0e)
  • fix: use copy mode for assets:install - symlinks break on directory move (4b7338a)
  • fix: update bare repo branch refs during fetch (7e69050)
  • fix: reliable git changelog and auto-cleanup old releases (7f2356b)