7 · Release + incident response

# ZajLibrary — implementation playbook

You are a **senior implementation assistant** working inside the user’s real development environment (terminal, editor, git repo). You are **not** a documentation writer, tutor, or library editor.

**Mission:** Execute the procedure described below in the user’s real project workspace — create or modify the files and run the commands it specifies. Do not just summarize it.

## Metadata
- title: 7 · Release + incident response
- url: https://library.zajapps.com/tech-stack/laravel/codecanyon/build/playbooks/setup-new/04-deploy-pipeline/07-release-and-incident/
- shelf: Build & Create
- doc_type: implementation playbook
- status: current
- kind: playbook
- category: tech-stack
- subcategory: laravel
- topic: codecanyon
- phase: 4
- step_number: 7
- est_time: ~30–45 min
- description: Close the phase — bootstrap or update the changelog and version, tag the release, then stand up an incident-response runbook (Sentry, uptime, SSL expiry, severities, contacts) wired into the repo as dev-only.
- tags: codecanyon, release, changelog, incident-response, runbook

## Execution rules (binding)
- This is step 7 of phase 4 (~30–45 min) — do only this step, then stop at its `## Checklist`.
- Follow `## Steps` in order. Do not skip steps or declare the work complete early.
- Respect `:::note[Who does this]`: 👤 **User** steps (browser, downloads, OAuth, moving files) need the human — wait for or instruct them; 🤖 **Agent** steps you run in the shell.
- After every command, compare its output to the `# Expected:` comment or ✅ bullet beneath it. If it differs, **stop, show what you got, and ask how to proceed** — do not guess or rewrite the procedure.
- Honor `:::caution` / `:::note` callouts as hard gates (a step may forbid a command at this stage).
- Do not mark the step done until every `## Checklist` item is genuinely satisfied.
- Scope: implement only what this page describes — no refactors, added features, or later-phase work unless the page says so.
- When reporting progress, cite the `##` / `###` headings you completed or got blocked on.
- Secrets: never put API keys, passwords, or `.env` values in frontend code, commits, or chat logs — use server-side `.env` / config only, and keep `.env` gitignored.

---

# 7 · Release + incident response

## TL;DR

**Objective** — close the phase with two release disciplines: a versioned, changelogged release you can point to and roll back to, and an incident-response runbook (Sentry, uptime, SSL expiry, severities, contacts) wired into the repo as dev-only — the difference between a calm incident and a scramble.

:::note[User part + done-when]
**👤 User part** — a person chooses the SemVer number and the runbook strategy, and fills in the human details (emergency contacts, on-call order). An agent audits existing release/incident infrastructure, drafts and bumps the changelog, tags and pushes the release, and wires `INCIDENT.md` into the symmetric path lists.

**Done when** the version is determined and `CHANGELOG.md` is bootstrapped/updated, the release is committed and tagged `vX.Y.Z` and **only that tag** is pushed (not `git push --tags`), the runbook covers detection/severities/contacts/rollback/pre-deploy checks, `INCIDENT.md` is in **both** `clear_paths` and `GIT_ONLY_PATHS`, and `dep rollback` is confirmed available. &nbsp;·&nbsp; **⏱ ~30–45 min** &nbsp;·&nbsp; 🔀 mixed (👤 version + contacts, 🤖 changelog/tag/wiring).
:::

## Background

:::note[SHOULD — release hygiene + operability]
Two final disciplines before staging deploys begin: a versioned, changelogged release you can point to and roll back to, and a runbook for when production breaks. Both make the difference between a calm incident and a scramble.
:::

## Steps

### 1. Audit existing release infrastructure

Decide whether to bootstrap a new changelog or extend an existing one (single-file vs the dual-file pattern some CodeCanyon kits ship).

<Steps>

1. **Inventory changelogs, version, and tags.**

   ```bash
   ls CHANGELOG.md HISTORY.md changelog.txt 2>/dev/null   # any existing changelog?
   grep '"version"' composer.json                          # current version, if set
   git tag --list | tail                                   # existing release tags
   # Expected: whatever changelog files exist, the current composer.json version, and recent tags
   ```

   - ✅ You know whether to bootstrap a new changelog or extend an existing one, and the current version/tags.

</Steps>

### 2. Determine the version number

Use SemVer relative to what shipped: `MAJOR.MINOR.PATCH`. For a first managed release, `1.0.0` is reasonable if the vendor baseline is unversioned; otherwise increment from the latest tag.

### 3. Write the changelog

Bootstrap when none exists; otherwise prepend the new version block and keep the existing format.

<Steps>

1. **Write (or prepend) the version block.**

   ```markdown
   # Changelog

   All notable changes to this project are documented here.
   This project adheres to [Semantic Versioning](https://semver.org/).

   ## [1.0.0] — 2026-06-09
   ### Added
   - Initial managed release on the deploy pipeline.
   ### Changed
   ### Fixed
   ```

   - ✅ The changelog carries the new version block; for **dual-file** kits (e.g. a public `CHANGELOG.md` + an internal one), both are updated so they don't drift.

</Steps>

### 4. Bump version and tag

Commit the changelog + version bump together, then tag and push.

<Steps>

1. **Commit, tag, and push the release.**

   ```bash
   # Update composer.json version (if the kit tracks it there)
   # then commit the changelog + version bump together
   git add CHANGELOG.md composer.json
   git commit -m "release: v1.0.0"
   git tag -a v1.0.0 -m "v1.0.0 — initial managed release"
   git push origin main
   git push origin v1.0.0   # push only this release tag; never use the all-tags push form
   # Expected: the release commit and the v1.0.0 tag are pushed to the remote
   ```

   - ✅ The release is committed, tagged `vX.Y.Z`, and **only that tag** is pushed.

</Steps>

:::tip[Tag conventions in this pipeline]
Keep the three tag types distinct: **vendor baseline** (untouched CodeCanyon import), **checkpoint** (pre-risky-change safety net), and **release** (`vX.Y.Z`, shippable). The release tag is what you roll back *to*.
:::

### 5. Audit incident-response infrastructure

Check what already exists: Deployer's `rollback` task, DB backup job, health-check endpoint, Sentry/error tracking.

<Steps>

1. **Inventory the runbook, error tracking, and rollback task.**

   ```bash
   ls INCIDENT.md docs/runbook.md 2>/dev/null      # existing runbook?
   grep -ri 'sentry' config/ .env.example          # error tracking wired?
   dep list 2>/dev/null | grep -q rollback && echo "rollback available"
   # Expected: any existing runbook, whether Sentry is referenced, and rollback task listed by dep list
   ```

   - ✅ You know what incident infrastructure already exists (runbook, Sentry, rollback task).

</Steps>

### 6. Pick a runbook strategy

| Strategy | When | Result |
|---|---|---|
| **Full** | Real users, on-call expected | Complete runbook with all sections below |
| **Partial** | Launching soon, basics in place | Core sections; flesh out post-launch |
| **Blank template** | Pre-launch, no traffic yet | Scaffold with `TODO`s so structure exists |

### 7. Write the runbook content

A partial-to-full `INCIDENT.md` should cover:

- **Detection** — Sentry alerts, uptime monitor (UptimeRobot/Better Stack), SSL-expiry monitor (cert from page 2 expires every 90 days).
- **Severity levels** — e.g. SEV1 site down, SEV2 degraded, SEV3 minor — with response-time expectations.
- **Emergency contacts** — who to call, in order; provider support links.
- **Playbook per failure** — site down, deploy failed, DB issue, SSL expired — each with first commands.
- **Rollback** — `dep rollback production` flips `current` back to the previous release (retention set in **[1 · Deployer](/tech-stack/laravel/codecanyon/build/playbooks/setup-new/04-deploy-pipeline/01-deployer/)**).
- **Pre-deploy checks** — the gate to run before every production deploy.

### 8. Wire `INCIDENT.md` as dev-only

The runbook is internal — it must never ship to the server. Add it to **both** the `clear_paths`/`GIT_ONLY_PATHS` pair from **[4 · CI + ServerSync](/tech-stack/laravel/codecanyon/build/playbooks/setup-new/04-deploy-pipeline/04-ci-serversync/)** so it stays in Git but is stripped from releases.

<Steps>

1. **Confirm `INCIDENT.md` is in both path lists.**

   ```bash
   grep -A20 'clear_paths' deploy.php | grep INCIDENT
   grep 'GIT_ONLY_PATHS' .github/workflows/*.yml | grep INCIDENT
   # Expected: INCIDENT.md appears in both the clear_paths block and GIT_ONLY_PATHS
   ```

   - ✅ `INCIDENT.md` appears in **both** `clear_paths` and `GIT_ONLY_PATHS`.

</Steps>

:::caution[Symmetry again]
`INCIDENT.md` must appear in **both** lists. In `clear_paths` only → ServerSync may re-pull then it gets wiped. In `GIT_ONLY_PATHS` only → it can leak into a release. Both, always.
:::

## Checklist

Do not mark this step done until **every** box below is checked.

- [ ] **🔀 Version + changelog** — version determined (SemVer); `CHANGELOG.md` bootstrapped or updated (both files if dual-file).
- [ ] **🤖 Release tagged** — release committed and tagged `vX.Y.Z`; **only that tag** pushed (not `--tags`).
- [ ] **🔀 Runbook complete** — strategy chosen; `INCIDENT.md` covers detection, severities, contacts, rollback, pre-deploy checks.
- [ ] **🤖 Dev-only wiring** — `INCIDENT.md` present in **both** `clear_paths` and `GIT_ONLY_PATHS`.
- [ ] **🤖 Rollback ready** — `dep rollback` confirmed available as the recovery path.

:::next[Next step]
The pipeline is wired. Continue to **[Phase 5 · Staging deploy](/tech-stack/laravel/codecanyon/build/playbooks/setup-new/05-deploy-staging/)** — take the app from "runs locally" to "runs on a real server."
:::

# 7 · Release + incident response

> Source: https://library.zajapps.com/tech-stack/laravel/codecanyon/build/playbooks/setup-new/04-deploy-pipeline/07-release-and-incident/

## TL;DR

**Objective** — close the phase with two release disciplines: a versioned, changelogged release you can point to and roll back to, and an incident-response runbook (Sentry, uptime, SSL expiry, severities, contacts) wired into the repo as dev-only — the difference between a calm incident and a scramble.

:::note[User part + done-when]
**👤 User part** — a person chooses the SemVer number and the runbook strategy, and fills in the human details (emergency contacts, on-call order). An agent audits existing release/incident infrastructure, drafts and bumps the changelog, tags and pushes the release, and wires `INCIDENT.md` into the symmetric path lists.

**Done when** the version is determined and `CHANGELOG.md` is bootstrapped/updated, the release is committed and tagged `vX.Y.Z` and **only that tag** is pushed (not `git push --tags`), the runbook covers detection/severities/contacts/rollback/pre-deploy checks, `INCIDENT.md` is in **both** `clear_paths` and `GIT_ONLY_PATHS`, and `dep rollback` is confirmed available. &nbsp;·&nbsp; **⏱ ~30–45 min** &nbsp;·&nbsp; 🔀 mixed (👤 version + contacts, 🤖 changelog/tag/wiring).
:::

## Background

:::note[SHOULD — release hygiene + operability]
Two final disciplines before staging deploys begin: a versioned, changelogged release you can point to and roll back to, and a runbook for when production breaks. Both make the difference between a calm incident and a scramble.
:::

## Steps

### 1. Audit existing release infrastructure

Decide whether to bootstrap a new changelog or extend an existing one (single-file vs the dual-file pattern some CodeCanyon kits ship).

<Steps>

1. **Inventory changelogs, version, and tags.**

   ```bash
   ls CHANGELOG.md HISTORY.md changelog.txt 2>/dev/null   # any existing changelog?
   grep '"version"' composer.json                          # current version, if set
   git tag --list | tail                                   # existing release tags
   # Expected: whatever changelog files exist, the current composer.json version, and recent tags
   ```

   - ✅ You know whether to bootstrap a new changelog or extend an existing one, and the current version/tags.

</Steps>

### 2. Determine the version number

Use SemVer relative to what shipped: `MAJOR.MINOR.PATCH`. For a first managed release, `1.0.0` is reasonable if the vendor baseline is unversioned; otherwise increment from the latest tag.

### 3. Write the changelog

Bootstrap when none exists; otherwise prepend the new version block and keep the existing format.

<Steps>

1. **Write (or prepend) the version block.**

   ```markdown
   # Changelog

   All notable changes to this project are documented here.
   This project adheres to [Semantic Versioning](https://semver.org/).

   ## [1.0.0] — 2026-06-09
   ### Added
   - Initial managed release on the deploy pipeline.
   ### Changed
   ### Fixed
   ```

   - ✅ The changelog carries the new version block; for **dual-file** kits (e.g. a public `CHANGELOG.md` + an internal one), both are updated so they don't drift.

</Steps>

### 4. Bump version and tag

Commit the changelog + version bump together, then tag and push.

<Steps>

1. **Commit, tag, and push the release.**

   ```bash
   # Update composer.json version (if the kit tracks it there)
   # then commit the changelog + version bump together
   git add CHANGELOG.md composer.json
   git commit -m "release: v1.0.0"
   git tag -a v1.0.0 -m "v1.0.0 — initial managed release"
   git push origin main
   git push origin v1.0.0   # push only this release tag; never use the all-tags push form
   # Expected: the release commit and the v1.0.0 tag are pushed to the remote
   ```

   - ✅ The release is committed, tagged `vX.Y.Z`, and **only that tag** is pushed.

</Steps>

:::tip[Tag conventions in this pipeline]
Keep the three tag types distinct: **vendor baseline** (untouched CodeCanyon import), **checkpoint** (pre-risky-change safety net), and **release** (`vX.Y.Z`, shippable). The release tag is what you roll back *to*.
:::

### 5. Audit incident-response infrastructure

Check what already exists: Deployer's `rollback` task, DB backup job, health-check endpoint, Sentry/error tracking.

<Steps>

1. **Inventory the runbook, error tracking, and rollback task.**

   ```bash
   ls INCIDENT.md docs/runbook.md 2>/dev/null      # existing runbook?
   grep -ri 'sentry' config/ .env.example          # error tracking wired?
   dep list 2>/dev/null | grep -q rollback && echo "rollback available"
   # Expected: any existing runbook, whether Sentry is referenced, and rollback task listed by dep list
   ```

   - ✅ You know what incident infrastructure already exists (runbook, Sentry, rollback task).

</Steps>

### 6. Pick a runbook strategy

| Strategy | When | Result |
|---|---|---|
| **Full** | Real users, on-call expected | Complete runbook with all sections below |
| **Partial** | Launching soon, basics in place | Core sections; flesh out post-launch |
| **Blank template** | Pre-launch, no traffic yet | Scaffold with `TODO`s so structure exists |

### 7. Write the runbook content

A partial-to-full `INCIDENT.md` should cover:

- **Detection** — Sentry alerts, uptime monitor (UptimeRobot/Better Stack), SSL-expiry monitor (cert from page 2 expires every 90 days).
- **Severity levels** — e.g. SEV1 site down, SEV2 degraded, SEV3 minor — with response-time expectations.
- **Emergency contacts** — who to call, in order; provider support links.
- **Playbook per failure** — site down, deploy failed, DB issue, SSL expired — each with first commands.
- **Rollback** — `dep rollback production` flips `current` back to the previous release (retention set in **[1 · Deployer](/tech-stack/laravel/codecanyon/build/playbooks/setup-new/04-deploy-pipeline/01-deployer/)**).
- **Pre-deploy checks** — the gate to run before every production deploy.

### 8. Wire `INCIDENT.md` as dev-only

The runbook is internal — it must never ship to the server. Add it to **both** the `clear_paths`/`GIT_ONLY_PATHS` pair from **[4 · CI + ServerSync](/tech-stack/laravel/codecanyon/build/playbooks/setup-new/04-deploy-pipeline/04-ci-serversync/)** so it stays in Git but is stripped from releases.

<Steps>

1. **Confirm `INCIDENT.md` is in both path lists.**

   ```bash
   grep -A20 'clear_paths' deploy.php | grep INCIDENT
   grep 'GIT_ONLY_PATHS' .github/workflows/*.yml | grep INCIDENT
   # Expected: INCIDENT.md appears in both the clear_paths block and GIT_ONLY_PATHS
   ```

   - ✅ `INCIDENT.md` appears in **both** `clear_paths` and `GIT_ONLY_PATHS`.

</Steps>

:::caution[Symmetry again]
`INCIDENT.md` must appear in **both** lists. In `clear_paths` only → ServerSync may re-pull then it gets wiped. In `GIT_ONLY_PATHS` only → it can leak into a release. Both, always.
:::

## Checklist

Do not mark this step done until **every** box below is checked.

- [ ] **🔀 Version + changelog** — version determined (SemVer); `CHANGELOG.md` bootstrapped or updated (both files if dual-file).
- [ ] **🤖 Release tagged** — release committed and tagged `vX.Y.Z`; **only that tag** pushed (not `--tags`).
- [ ] **🔀 Runbook complete** — strategy chosen; `INCIDENT.md` covers detection, severities, contacts, rollback, pre-deploy checks.
- [ ] **🤖 Dev-only wiring** — `INCIDENT.md` present in **both** `clear_paths` and `GIT_ONLY_PATHS`.
- [ ] **🤖 Rollback ready** — `dep rollback` confirmed available as the recovery path.

:::next[Next step]
The pipeline is wired. Continue to **[Phase 5 · Staging deploy](/tech-stack/laravel/codecanyon/build/playbooks/setup-new/05-deploy-staging/)** — take the app from "runs locally" to "runs on a real server."
:::

TL;DR

Objective — close the phase with two release disciplines: a versioned, changelogged release you can point to and roll back to, and an incident-response runbook (Sentry, uptime, SSL expiry, severities, contacts) wired into the repo as dev-only — the difference between a calm incident and a scramble.

Background

Steps

1. Audit existing release infrastructure

Decide whether to bootstrap a new changelog or extend an existing one (single-file vs the dual-file pattern some CodeCanyon kits ship).

Inventory changelogs, version, and tags.

ls CHANGELOG.md HISTORY.md changelog.txt 2>/dev/null   # any existing changelog?
grep '"version"' composer.json                          # current version, if set
git tag --list | tail                                   # existing release tags
# Expected: whatever changelog files exist, the current composer.json version, and recent tags

✅ You know whether to bootstrap a new changelog or extend an existing one, and the current version/tags.

2. Determine the version number

Use SemVer relative to what shipped: MAJOR.MINOR.PATCH. For a first managed release, 1.0.0 is reasonable if the vendor baseline is unversioned; otherwise increment from the latest tag.

3. Write the changelog

Bootstrap when none exists; otherwise prepend the new version block and keep the existing format.

Write (or prepend) the version block.

# Changelog

All notable changes to this project are documented here.
This project adheres to [Semantic Versioning](https://semver.org/).

## [1.0.0] — 2026-06-09
### Added
- Initial managed release on the deploy pipeline.
### Changed
### Fixed

✅ The changelog carries the new version block; for dual-file kits (e.g. a public CHANGELOG.md + an internal one), both are updated so they don’t drift.

4. Bump version and tag

Commit the changelog + version bump together, then tag and push.

Commit, tag, and push the release.

# Update composer.json version (if the kit tracks it there)
# then commit the changelog + version bump together
git add CHANGELOG.md composer.json
git commit -m "release: v1.0.0"
git tag -a v1.0.0 -m "v1.0.0 — initial managed release"
git push origin main
git push origin v1.0.0   # push only this release tag; never use the all-tags push form
# Expected: the release commit and the v1.0.0 tag are pushed to the remote

✅ The release is committed, tagged vX.Y.Z, and only that tag is pushed.

5. Audit incident-response infrastructure

Check what already exists: Deployer’s rollback task, DB backup job, health-check endpoint, Sentry/error tracking.

Inventory the runbook, error tracking, and rollback task.

ls INCIDENT.md docs/runbook.md 2>/dev/null      # existing runbook?
grep -ri 'sentry' config/ .env.example          # error tracking wired?
dep list 2>/dev/null | grep -q rollback && echo "rollback available"
# Expected: any existing runbook, whether Sentry is referenced, and rollback task listed by dep list

✅ You know what incident infrastructure already exists (runbook, Sentry, rollback task).

6. Pick a runbook strategy

Strategy	When	Result
Full	Real users, on-call expected	Complete runbook with all sections below
Partial	Launching soon, basics in place	Core sections; flesh out post-launch
Blank template	Pre-launch, no traffic yet	Scaffold with `TODO`s so structure exists

7. Write the runbook content

A partial-to-full INCIDENT.md should cover:

Detection — Sentry alerts, uptime monitor (UptimeRobot/Better Stack), SSL-expiry monitor (cert from page 2 expires every 90 days).
Severity levels — e.g. SEV1 site down, SEV2 degraded, SEV3 minor — with response-time expectations.
Emergency contacts — who to call, in order; provider support links.
Playbook per failure — site down, deploy failed, DB issue, SSL expired — each with first commands.
Rollback — dep rollback production flips current back to the previous release (retention set in 1 · Deployer).
Pre-deploy checks — the gate to run before every production deploy.

8. Wire `INCIDENT.md` as dev-only

The runbook is internal — it must never ship to the server. Add it to both the clear_paths/GIT_ONLY_PATHS pair from 4 · CI + ServerSync so it stays in Git but is stripped from releases.

Confirm INCIDENT.md is in both path lists.

grep -A20 'clear_paths' deploy.php | grep INCIDENT
grep 'GIT_ONLY_PATHS' .github/workflows/*.yml | grep INCIDENT
# Expected: INCIDENT.md appears in both the clear_paths block and GIT_ONLY_PATHS

✅ INCIDENT.md appears in both clear_paths and GIT_ONLY_PATHS.

Checklist

Do not mark this step done until every box below is checked.

🔀 Version + changelog — version determined (SemVer); CHANGELOG.md bootstrapped or updated (both files if dual-file).
🤖 Release tagged — release committed and tagged vX.Y.Z; only that tag pushed (not --tags).
🔀 Runbook complete — strategy chosen; INCIDENT.md covers detection, severities, contacts, rollback, pre-deploy checks.
🤖 Dev-only wiring — INCIDENT.md present in both clear_paths and GIT_ONLY_PATHS.
🤖 Rollback ready — dep rollback confirmed available as the recovery path.

The pipeline is wired. Continue to Phase 5 · Staging deploy — take the app from “runs locally” to “runs on a real server.”

# ZajLibrary — implementation playbook

You are a **senior implementation assistant** working inside the user’s real development environment (terminal, editor, git repo). You are **not** a documentation writer, tutor, or library editor.

**Mission:** Execute the procedure described below in the user’s real project workspace — create or modify the files and run the commands it specifies. Do not just summarize it.

## Metadata
- title: 7 · Release + incident response
- url: https://library.zajapps.com/tech-stack/laravel/codecanyon/build/playbooks/setup-new/04-deploy-pipeline/07-release-and-incident/
- shelf: Build & Create
- doc_type: implementation playbook
- status: current
- kind: playbook
- category: tech-stack
- subcategory: laravel
- topic: codecanyon
- phase: 4
- step_number: 7
- est_time: ~30–45 min
- description: Close the phase — bootstrap or update the changelog and version, tag the release, then stand up an incident-response runbook (Sentry, uptime, SSL expiry, severities, contacts) wired into the repo as dev-only.
- tags: codecanyon, release, changelog, incident-response, runbook

## Execution rules (binding)
- This is step 7 of phase 4 (~30–45 min) — do only this step, then stop at its `## Checklist`.
- Follow `## Steps` in order. Do not skip steps or declare the work complete early.
- Respect `:::note[Who does this]`: 👤 **User** steps (browser, downloads, OAuth, moving files) need the human — wait for or instruct them; 🤖 **Agent** steps you run in the shell.
- After every command, compare its output to the `# Expected:` comment or ✅ bullet beneath it. If it differs, **stop, show what you got, and ask how to proceed** — do not guess or rewrite the procedure.
- Honor `:::caution` / `:::note` callouts as hard gates (a step may forbid a command at this stage).
- Do not mark the step done until every `## Checklist` item is genuinely satisfied.
- Scope: implement only what this page describes — no refactors, added features, or later-phase work unless the page says so.
- When reporting progress, cite the `##` / `###` headings you completed or got blocked on.
- Secrets: never put API keys, passwords, or `.env` values in frontend code, commits, or chat logs — use server-side `.env` / config only, and keep `.env` gitignored.

---

# 7 · Release + incident response

## TL;DR

**Objective** — close the phase with two release disciplines: a versioned, changelogged release you can point to and roll back to, and an incident-response runbook (Sentry, uptime, SSL expiry, severities, contacts) wired into the repo as dev-only — the difference between a calm incident and a scramble.

:::note[User part + done-when]
**👤 User part** — a person chooses the SemVer number and the runbook strategy, and fills in the human details (emergency contacts, on-call order). An agent audits existing release/incident infrastructure, drafts and bumps the changelog, tags and pushes the release, and wires `INCIDENT.md` into the symmetric path lists.

**Done when** the version is determined and `CHANGELOG.md` is bootstrapped/updated, the release is committed and tagged `vX.Y.Z` and **only that tag** is pushed (not `git push --tags`), the runbook covers detection/severities/contacts/rollback/pre-deploy checks, `INCIDENT.md` is in **both** `clear_paths` and `GIT_ONLY_PATHS`, and `dep rollback` is confirmed available. &nbsp;·&nbsp; **⏱ ~30–45 min** &nbsp;·&nbsp; 🔀 mixed (👤 version + contacts, 🤖 changelog/tag/wiring).
:::

## Background

:::note[SHOULD — release hygiene + operability]
Two final disciplines before staging deploys begin: a versioned, changelogged release you can point to and roll back to, and a runbook for when production breaks. Both make the difference between a calm incident and a scramble.
:::

## Steps

### 1. Audit existing release infrastructure

Decide whether to bootstrap a new changelog or extend an existing one (single-file vs the dual-file pattern some CodeCanyon kits ship).

<Steps>

1. **Inventory changelogs, version, and tags.**

   ```bash
   ls CHANGELOG.md HISTORY.md changelog.txt 2>/dev/null   # any existing changelog?
   grep '"version"' composer.json                          # current version, if set
   git tag --list | tail                                   # existing release tags
   # Expected: whatever changelog files exist, the current composer.json version, and recent tags
   ```

   - ✅ You know whether to bootstrap a new changelog or extend an existing one, and the current version/tags.

</Steps>

### 2. Determine the version number

Use SemVer relative to what shipped: `MAJOR.MINOR.PATCH`. For a first managed release, `1.0.0` is reasonable if the vendor baseline is unversioned; otherwise increment from the latest tag.

### 3. Write the changelog

Bootstrap when none exists; otherwise prepend the new version block and keep the existing format.

<Steps>

1. **Write (or prepend) the version block.**

   ```markdown
   # Changelog

   All notable changes to this project are documented here.
   This project adheres to [Semantic Versioning](https://semver.org/).

   ## [1.0.0] — 2026-06-09
   ### Added
   - Initial managed release on the deploy pipeline.
   ### Changed
   ### Fixed
   ```

   - ✅ The changelog carries the new version block; for **dual-file** kits (e.g. a public `CHANGELOG.md` + an internal one), both are updated so they don't drift.

</Steps>

### 4. Bump version and tag

Commit the changelog + version bump together, then tag and push.

<Steps>

1. **Commit, tag, and push the release.**

   ```bash
   # Update composer.json version (if the kit tracks it there)
   # then commit the changelog + version bump together
   git add CHANGELOG.md composer.json
   git commit -m "release: v1.0.0"
   git tag -a v1.0.0 -m "v1.0.0 — initial managed release"
   git push origin main
   git push origin v1.0.0   # push only this release tag; never use the all-tags push form
   # Expected: the release commit and the v1.0.0 tag are pushed to the remote
   ```

   - ✅ The release is committed, tagged `vX.Y.Z`, and **only that tag** is pushed.

</Steps>

:::tip[Tag conventions in this pipeline]
Keep the three tag types distinct: **vendor baseline** (untouched CodeCanyon import), **checkpoint** (pre-risky-change safety net), and **release** (`vX.Y.Z`, shippable). The release tag is what you roll back *to*.
:::

### 5. Audit incident-response infrastructure

Check what already exists: Deployer's `rollback` task, DB backup job, health-check endpoint, Sentry/error tracking.

<Steps>

1. **Inventory the runbook, error tracking, and rollback task.**

   ```bash
   ls INCIDENT.md docs/runbook.md 2>/dev/null      # existing runbook?
   grep -ri 'sentry' config/ .env.example          # error tracking wired?
   dep list 2>/dev/null | grep -q rollback && echo "rollback available"
   # Expected: any existing runbook, whether Sentry is referenced, and rollback task listed by dep list
   ```

   - ✅ You know what incident infrastructure already exists (runbook, Sentry, rollback task).

</Steps>

### 6. Pick a runbook strategy

| Strategy | When | Result |
|---|---|---|
| **Full** | Real users, on-call expected | Complete runbook with all sections below |
| **Partial** | Launching soon, basics in place | Core sections; flesh out post-launch |
| **Blank template** | Pre-launch, no traffic yet | Scaffold with `TODO`s so structure exists |

### 7. Write the runbook content

A partial-to-full `INCIDENT.md` should cover:

- **Detection** — Sentry alerts, uptime monitor (UptimeRobot/Better Stack), SSL-expiry monitor (cert from page 2 expires every 90 days).
- **Severity levels** — e.g. SEV1 site down, SEV2 degraded, SEV3 minor — with response-time expectations.
- **Emergency contacts** — who to call, in order; provider support links.
- **Playbook per failure** — site down, deploy failed, DB issue, SSL expired — each with first commands.
- **Rollback** — `dep rollback production` flips `current` back to the previous release (retention set in **[1 · Deployer](/tech-stack/laravel/codecanyon/build/playbooks/setup-new/04-deploy-pipeline/01-deployer/)**).
- **Pre-deploy checks** — the gate to run before every production deploy.

### 8. Wire `INCIDENT.md` as dev-only

The runbook is internal — it must never ship to the server. Add it to **both** the `clear_paths`/`GIT_ONLY_PATHS` pair from **[4 · CI + ServerSync](/tech-stack/laravel/codecanyon/build/playbooks/setup-new/04-deploy-pipeline/04-ci-serversync/)** so it stays in Git but is stripped from releases.

<Steps>

1. **Confirm `INCIDENT.md` is in both path lists.**

   ```bash
   grep -A20 'clear_paths' deploy.php | grep INCIDENT
   grep 'GIT_ONLY_PATHS' .github/workflows/*.yml | grep INCIDENT
   # Expected: INCIDENT.md appears in both the clear_paths block and GIT_ONLY_PATHS
   ```

   - ✅ `INCIDENT.md` appears in **both** `clear_paths` and `GIT_ONLY_PATHS`.

</Steps>

:::caution[Symmetry again]
`INCIDENT.md` must appear in **both** lists. In `clear_paths` only → ServerSync may re-pull then it gets wiped. In `GIT_ONLY_PATHS` only → it can leak into a release. Both, always.
:::

## Checklist

Do not mark this step done until **every** box below is checked.

- [ ] **🔀 Version + changelog** — version determined (SemVer); `CHANGELOG.md` bootstrapped or updated (both files if dual-file).
- [ ] **🤖 Release tagged** — release committed and tagged `vX.Y.Z`; **only that tag** pushed (not `--tags`).
- [ ] **🔀 Runbook complete** — strategy chosen; `INCIDENT.md` covers detection, severities, contacts, rollback, pre-deploy checks.
- [ ] **🤖 Dev-only wiring** — `INCIDENT.md` present in **both** `clear_paths` and `GIT_ONLY_PATHS`.
- [ ] **🤖 Rollback ready** — `dep rollback` confirmed available as the recovery path.

:::next[Next step]
The pipeline is wired. Continue to **[Phase 5 · Staging deploy](/tech-stack/laravel/codecanyon/build/playbooks/setup-new/05-deploy-staging/)** — take the app from "runs locally" to "runs on a real server."
:::

# 7 · Release + incident response

> Source: https://library.zajapps.com/tech-stack/laravel/codecanyon/build/playbooks/setup-new/04-deploy-pipeline/07-release-and-incident/

## TL;DR

**Objective** — close the phase with two release disciplines: a versioned, changelogged release you can point to and roll back to, and an incident-response runbook (Sentry, uptime, SSL expiry, severities, contacts) wired into the repo as dev-only — the difference between a calm incident and a scramble.

:::note[User part + done-when]
**👤 User part** — a person chooses the SemVer number and the runbook strategy, and fills in the human details (emergency contacts, on-call order). An agent audits existing release/incident infrastructure, drafts and bumps the changelog, tags and pushes the release, and wires `INCIDENT.md` into the symmetric path lists.

**Done when** the version is determined and `CHANGELOG.md` is bootstrapped/updated, the release is committed and tagged `vX.Y.Z` and **only that tag** is pushed (not `git push --tags`), the runbook covers detection/severities/contacts/rollback/pre-deploy checks, `INCIDENT.md` is in **both** `clear_paths` and `GIT_ONLY_PATHS`, and `dep rollback` is confirmed available. &nbsp;·&nbsp; **⏱ ~30–45 min** &nbsp;·&nbsp; 🔀 mixed (👤 version + contacts, 🤖 changelog/tag/wiring).
:::

## Background

:::note[SHOULD — release hygiene + operability]
Two final disciplines before staging deploys begin: a versioned, changelogged release you can point to and roll back to, and a runbook for when production breaks. Both make the difference between a calm incident and a scramble.
:::

## Steps

### 1. Audit existing release infrastructure

Decide whether to bootstrap a new changelog or extend an existing one (single-file vs the dual-file pattern some CodeCanyon kits ship).

<Steps>

1. **Inventory changelogs, version, and tags.**

   ```bash
   ls CHANGELOG.md HISTORY.md changelog.txt 2>/dev/null   # any existing changelog?
   grep '"version"' composer.json                          # current version, if set
   git tag --list | tail                                   # existing release tags
   # Expected: whatever changelog files exist, the current composer.json version, and recent tags
   ```

   - ✅ You know whether to bootstrap a new changelog or extend an existing one, and the current version/tags.

</Steps>

### 2. Determine the version number

Use SemVer relative to what shipped: `MAJOR.MINOR.PATCH`. For a first managed release, `1.0.0` is reasonable if the vendor baseline is unversioned; otherwise increment from the latest tag.

### 3. Write the changelog

Bootstrap when none exists; otherwise prepend the new version block and keep the existing format.

<Steps>

1. **Write (or prepend) the version block.**

   ```markdown
   # Changelog

   All notable changes to this project are documented here.
   This project adheres to [Semantic Versioning](https://semver.org/).

   ## [1.0.0] — 2026-06-09
   ### Added
   - Initial managed release on the deploy pipeline.
   ### Changed
   ### Fixed
   ```

   - ✅ The changelog carries the new version block; for **dual-file** kits (e.g. a public `CHANGELOG.md` + an internal one), both are updated so they don't drift.

</Steps>

### 4. Bump version and tag

Commit the changelog + version bump together, then tag and push.

<Steps>

1. **Commit, tag, and push the release.**

   ```bash
   # Update composer.json version (if the kit tracks it there)
   # then commit the changelog + version bump together
   git add CHANGELOG.md composer.json
   git commit -m "release: v1.0.0"
   git tag -a v1.0.0 -m "v1.0.0 — initial managed release"
   git push origin main
   git push origin v1.0.0   # push only this release tag; never use the all-tags push form
   # Expected: the release commit and the v1.0.0 tag are pushed to the remote
   ```

   - ✅ The release is committed, tagged `vX.Y.Z`, and **only that tag** is pushed.

</Steps>

:::tip[Tag conventions in this pipeline]
Keep the three tag types distinct: **vendor baseline** (untouched CodeCanyon import), **checkpoint** (pre-risky-change safety net), and **release** (`vX.Y.Z`, shippable). The release tag is what you roll back *to*.
:::

### 5. Audit incident-response infrastructure

Check what already exists: Deployer's `rollback` task, DB backup job, health-check endpoint, Sentry/error tracking.

<Steps>

1. **Inventory the runbook, error tracking, and rollback task.**

   ```bash
   ls INCIDENT.md docs/runbook.md 2>/dev/null      # existing runbook?
   grep -ri 'sentry' config/ .env.example          # error tracking wired?
   dep list 2>/dev/null | grep -q rollback && echo "rollback available"
   # Expected: any existing runbook, whether Sentry is referenced, and rollback task listed by dep list
   ```

   - ✅ You know what incident infrastructure already exists (runbook, Sentry, rollback task).

</Steps>

### 6. Pick a runbook strategy

| Strategy | When | Result |
|---|---|---|
| **Full** | Real users, on-call expected | Complete runbook with all sections below |
| **Partial** | Launching soon, basics in place | Core sections; flesh out post-launch |
| **Blank template** | Pre-launch, no traffic yet | Scaffold with `TODO`s so structure exists |

### 7. Write the runbook content

A partial-to-full `INCIDENT.md` should cover:

- **Detection** — Sentry alerts, uptime monitor (UptimeRobot/Better Stack), SSL-expiry monitor (cert from page 2 expires every 90 days).
- **Severity levels** — e.g. SEV1 site down, SEV2 degraded, SEV3 minor — with response-time expectations.
- **Emergency contacts** — who to call, in order; provider support links.
- **Playbook per failure** — site down, deploy failed, DB issue, SSL expired — each with first commands.
- **Rollback** — `dep rollback production` flips `current` back to the previous release (retention set in **[1 · Deployer](/tech-stack/laravel/codecanyon/build/playbooks/setup-new/04-deploy-pipeline/01-deployer/)**).
- **Pre-deploy checks** — the gate to run before every production deploy.

### 8. Wire `INCIDENT.md` as dev-only

The runbook is internal — it must never ship to the server. Add it to **both** the `clear_paths`/`GIT_ONLY_PATHS` pair from **[4 · CI + ServerSync](/tech-stack/laravel/codecanyon/build/playbooks/setup-new/04-deploy-pipeline/04-ci-serversync/)** so it stays in Git but is stripped from releases.

<Steps>

1. **Confirm `INCIDENT.md` is in both path lists.**

   ```bash
   grep -A20 'clear_paths' deploy.php | grep INCIDENT
   grep 'GIT_ONLY_PATHS' .github/workflows/*.yml | grep INCIDENT
   # Expected: INCIDENT.md appears in both the clear_paths block and GIT_ONLY_PATHS
   ```

   - ✅ `INCIDENT.md` appears in **both** `clear_paths` and `GIT_ONLY_PATHS`.

</Steps>

:::caution[Symmetry again]
`INCIDENT.md` must appear in **both** lists. In `clear_paths` only → ServerSync may re-pull then it gets wiped. In `GIT_ONLY_PATHS` only → it can leak into a release. Both, always.
:::

## Checklist

Do not mark this step done until **every** box below is checked.

- [ ] **🔀 Version + changelog** — version determined (SemVer); `CHANGELOG.md` bootstrapped or updated (both files if dual-file).
- [ ] **🤖 Release tagged** — release committed and tagged `vX.Y.Z`; **only that tag** pushed (not `--tags`).
- [ ] **🔀 Runbook complete** — strategy chosen; `INCIDENT.md` covers detection, severities, contacts, rollback, pre-deploy checks.
- [ ] **🤖 Dev-only wiring** — `INCIDENT.md` present in **both** `clear_paths` and `GIT_ONLY_PATHS`.
- [ ] **🤖 Rollback ready** — `dep rollback` confirmed available as the recovery path.

:::next[Next step]
The pipeline is wired. Continue to **[Phase 5 · Staging deploy](/tech-stack/laravel/codecanyon/build/playbooks/setup-new/05-deploy-staging/)** — take the app from "runs locally" to "runs on a real server."
:::