github actions → staging → production
Every push to main triggers the full pipeline. Tests and linting run in parallel,
then the build step produces a Docker image. Staging deploys automatically; production requires
manual approval via a GitHub environment gate.
graph TD
subgraph Source[Source control]
A[Push to main]
B{Branch target?}
C[Preview deploy]
end
subgraph Validate[Validation suite]
D[Static analysis]
E[Unit tests]
F[Integration tests]
G[Policy checks]
end
subgraph Build[Build artifact]
H[Package application]
I[Build image]
J[Publish artifact]
end
subgraph Release[Release gates]
K[Deploy staging]
L{Smoke tests pass?}
M[Alert owners]
N{Production approval?}
end
subgraph Observe[Production observe]
O[Deploy production]
P[Health checks]
Q[Done]
end
A --> B
B -->|feature| C
B -->|main| D
D --> E
E --> F
F --> G
G --> H
H --> I
I --> J
J --> K
K --> L
L -->|No| M
L -->|Yes| N
N -->|Approved| O
O --> P
P --> Q
classDef source stroke-width:2px;
classDef validate stroke-width:2px;
classDef build stroke-width:2px;
classDef release stroke-width:2px;
classDef gate stroke-width:3px;
classDef failure stroke-width:3px,stroke-dasharray:4 3;
classDef success stroke-width:3px;
classDef critical stroke-width:4px;
class A,B,C source;
class D,E,F,G validate;
class H,I,J build;
class K release;
class L,N gate;
class M failure;
class O,P,Q success;
class A,B,D,E,F,G,H,I,J,K,L,N,O,P,Q critical;
linkStyle 0,2,3,4,5,6,7,8,9,10,12,13,14,15 stroke:#CA8A04,stroke-width:3px;
linkStyle 11 stroke:#DC2626,stroke-width:3px,stroke-dasharray:6 4;
look: 'classic' for clean technical lines.
Use hand-drawn mode only when the artifact brief explicitly calls for a whiteboard sketch.
The layout: 'elk' engine provides better node positioning for complex graphs;
it requires the separate @mermaid-js/layout-elk package (imported above). Without it,
Mermaid silently falls back to dagre.