-
Notifications
You must be signed in to change notification settings - Fork 38
Branching Strategy
Branching strategy is a methodology for a team to version control their application development lifecycle. Version control systems (Git in our case) are used alongside automated testing, code reviewing, vulnerability detection, and other CI/CD tools to help a team roll out features quickly and safely.
GoGov currently uses Gitflow as a branching strategy.
On a weekly basis (during maintenance, this interval can be longer), we fork a release-x.xx
branch off of develop
, where x.xx
is the new version number of the application. Creating the branch starts the next release cycle, so no new features can be added after this point. Only bug fixes, documentation generation, and other release-oriented tasks go in this branch. At the same time, we also push the develop
branch to the edge
branch to build and push to our staging environment for tests.
During release, the release-<version_number>
branch is merged into release
, which is configured to build and push to our production environment. In addition, it should be merged back into develop
to incorporate the documentation changes.
Only once it's proven stable, the release-<version_number>
branch is merged into master
so that master
always reflects a production-ready state.
The diagram below shows a Gitflow setup similar to the one described above.
(TODO: update with more accurate diagram)
Using a dedicated branch to prepare releases makes it possible for one developer to polish the current release while another developer continues working on features for the next release.
We use GitHub Actions to manage our CI/ CD.
Both unit and end-to-end tests currently run on every pull request within the virtual environment.
We have vulnerability detection tools, Dependabot, Synk,and CodeQL running on our repository. CodeQL runs on every pull request to analyse the repository to verify that no vulnerable code is introduced, whereas both Dependabot and Synk focus on finding vulnerabilities in the external dependencies used by the repository.
The develop
, release
, and master
branches are all protected branches. PRs made to these branches require at least one approval (as well as all the tests to pass) before merge.
The edge
branch is unprotected, and any pushes to edge
will automatically build and deploy the application to our staging environment. If a developer wants to test out a new feature/ infrastructure/ migration or share any changes with designers/PM, they should test their changes out on staging environment by pushing to the edge
branch.
The edge
and release
branches are configured to deploy automatically to our staging and production environments respectively.
The edge
branch deploys to our staging
environment, not staging
. We sometimes regret this choice of terminology too.
As mentioned above, master
always reflects a production-ready state, so we do not put our releases into master until they have proven stable.