gps-denied-desktop/_docs/00_templates/environment_strategy.md
Oleksandr Bezdieniezhnykh fd75243a84 more detailed SDLC plan
2025-12-10 19:05:17 +02:00


# Environment Strategy Template
## Overview
Define the environment strategy for the project, including configuration, access, and deployment procedures for each environment.

---
## Environments
### Development (dev)
**Purpose**: Local development and feature testing

| Aspect | Configuration |
|--------|---------------|
| Branch | `dev`, feature branches |
| Database | Local or shared dev instance |
| External Services | Mock/sandbox endpoints |
| Logging Level | DEBUG |
| Access | All developers |
**Configuration**:
```
# .env.development
ENV=development
DATABASE_URL=<dev_database_url>
API_TIMEOUT=30
LOG_LEVEL=DEBUG
```
### Staging (stage)
**Purpose**: Pre-production testing, QA, UAT

| Aspect | Configuration |
|--------|---------------|
| Branch | `stage` |
| Database | Staging instance (production-like) |
| External Services | Sandbox/test endpoints |
| Logging Level | INFO |
| Access | Development team, QA |
**Configuration**:
```
# .env.staging
ENV=staging
DATABASE_URL=<staging_database_url>
API_TIMEOUT=15
LOG_LEVEL=INFO
```
**Deployment Trigger**: Merge to `stage` branch
### Production (prod)
**Purpose**: Live system serving end users

| Aspect | Configuration |
|--------|---------------|
| Branch | `main` |
| Database | Production instance |
| External Services | Production endpoints |
| Logging Level | WARN |
| Access | Restricted (ops team) |
**Configuration**:
```
# .env.production
ENV=production
DATABASE_URL=<production_database_url>
API_TIMEOUT=10
LOG_LEVEL=WARN
```
**Deployment Trigger**: Manual approval after staging validation

---
## Secrets Management
### Secret Categories
- Database credentials
- API keys (internal and external)
- Encryption keys
- Service account credentials
### Storage
| Environment | Secret Storage |
|-------------|----------------|
| Development | .env.local (gitignored) |
| Staging | CI/CD secrets / Vault |
| Production | CI/CD secrets / Vault |
### Rotation Policy
- Database passwords: Every 90 days
- API keys: Every 180 days or on compromise
- Encryption keys: Annually
---
## Environment Parity
### Required Parity
- Same database engine and version
- Same runtime version
- Same dependency versions
- Same configuration structure
### Allowed Differences
- Resource scaling (CPU, memory)
- External service endpoints (sandbox vs production)
- Logging verbosity
- Feature flags
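
One way to enforce the "same configuration structure" requirement in CI, as an added example that is not part of this template or the project's code. It assumes the `.env` layout shown above; the function names and the sample file contents are hypothetical, and the expected log levels are taken from the environment tables.

```python
# Added example: lint .env files against the template's parity rules.
# File labels and sample contents are constructed for illustration.
EXPECTED_LOG_LEVEL = {"development": "DEBUG", "staging": "INFO", "production": "WARN"}

SAMPLES = {
    ".env.development": "ENV=development\nDATABASE_URL=<dev_database_url>\n"
                        "API_TIMEOUT=30\nLOG_LEVEL=DEBUG\n",
    # Constructed defect: API_TIMEOUT missing, so the key set differs.
    ".env.staging": "# staging\nENV=staging\nDATABASE_URL=<staging_database_url>\n"
                    "LOG_LEVEL=INFO\n",
    # Constructed defect: DEBUG logging left on in production.
    ".env.production": "ENV=production\nDATABASE_URL=<production_database_url>\n"
                       "API_TIMEOUT=10\nLOG_LEVEL=DEBUG\n",
}


def parse_env(text):
    """Parse KEY=VALUE lines, skipping blank lines and # comments."""
    values = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep or not key.strip():
            raise ValueError(f"line {lineno}: expected KEY=VALUE, got {raw!r}")
        values[key.strip()] = value.strip()
    return values


def check_parity(envs):
    """envs maps a file label to its parsed dict; returns a list of findings."""
    findings = []
    all_keys = set().union(*(set(env) for env in envs.values()))
    for name, env in sorted(envs.items()):
        # Required parity: every file defines the same set of keys.
        for key in sorted(all_keys - set(env)):
            findings.append(f"{name}: missing key {key}")
        # Allowed difference: log verbosity, but only the documented level.
        expected = EXPECTED_LOG_LEVEL.get(env.get("ENV"))
        if expected is None:
            findings.append(f"{name}: unknown ENV {env.get('ENV')!r}")
        elif env.get("LOG_LEVEL") != expected:
            findings.append(f"{name}: LOG_LEVEL {env.get('LOG_LEVEL')!r}, expected {expected}")
    return findings


if __name__ == "__main__":
    for finding in check_parity({n: parse_env(b) for n, b in SAMPLES.items()}):
        print(finding)
```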
---
## Access Control
| Role | Dev | Staging | Production |
|------|-----|---------|------------|
| Developer | Full | Read + Deploy | Read logs only |
| QA | Read | Full | Read logs only |
| DevOps | Full | Full | Full |
| Stakeholder | None | Read | Read dashboards |
---
## Backup & Recovery
| Environment | Backup Frequency | Retention | RTO | RPO |
|-------------|------------------|-----------|-----|-----|
| Development | None | N/A | N/A | N/A |
| Staging | Daily | 7 days | 4 hours | 24 hours |
| Production | Hourly | 30 days | 1 hour | 1 hour |
---
## Notes
- Never copy production data to lower environments without anonymization
- All environment-specific values must be externalized (no hardcoding)
- Document any environment-specific behaviors in code comments