Table of contents

Deploy an application to GOV.UK

Teams are responsible for deploying their own work. We believe that regular releases minimise the risk of major problems and improve recovery time. The 2nd line team is responsible for providing access to deploy software for teams who can’t deploy it themselves.

If you are responding to a security incident, follow the steps to deploy fixes for a security vulnerability.

1. Test on integration

Code that is merged to master is automatically deployed to integration. You should verify that your changes work there.

2. Check the context

The golden rule is that you only deploy what you can support.

  • This means that deployments generally take place between 9.30am and 5pm (4pm on Fridays), the core hours when most people are in the office.
  • Check #govuk-deploy recent history and the channel topic. In some circumstances we may institute short deployment freezes, and they will be announced in that channel as well as other developer-relevant channels and possibly email.
  • Announce your deployment in #govuk-2ndline if it’s potentially problematic, or in #govuk-deploy if it involves deploying something other than a release tag (like a branch).

3. Check your changes

Go to the Release application and find the application you want to deploy. Then select the release tag you want to deploy.

  • Check what you will be deploying. If there’s other people’s code to deploy, ask them whether they’re okay for the changes to go out.
  • Check if there’s a deploy note for the application, to see if there are any special instructions or reasons not to deploy. Individual app deploy freezes are usually announced here.
  • Check in #govuk-deploy if someone’s already in the process of deploying the app. This is particularly important for Puppet where there is a delay of 30 minutes between staging and production deployments. Deployments attributed to “Jenkins” are AWS automated deployments and can be ignored for this purpose.

4. Deploy to staging

From the Release application, click the deploy buttons. If you have production access, this will bring you to the Jenkins job to deploy your change.

Once deployed to staging, you will need to:

  • Perform manual testing (including any testing mandated as part of the deploy note for the app)
  • Monitor your app during deployment
  • Check the results of the smoke tests
  • Keep an eye on any Icinga alerts related to your application
  • Check Sentry for any new errors

5. Deploy to production

Again:

  • Perform manual testing (including any testing mandated as part of the deploy note for the app)
  • Monitor your app during deployment
  • Check the results of the smoke tests
  • Keep an eye on any Icinga alerts related to your application
  • Check Sentry for any new errors

Stay around for a while just in case something goes wrong.

This page was last reviewed . It needs to be reviewed again by the page owner #govuk-2ndline.