# v1.0.0 Release Checklist ## Pre-release ### Testing - [x] All unit tests pass (`go test ./...`) - [x] Integration tests pass - [x] E2E tests pass - [x] Benchmarks run successfully ### Quality - [x] Static analysis clean (minor errcheck in tests only) - [x] Security scan reviewed (gosec findings are expected patterns) - [x] Cross-compilation verified (linux/amd64) ### Coverage | Package | Coverage | Target | Status | |---------|----------|--------|--------| | internal/domain | 100% | >95% | ✅ | | internal/sanitize | 100% | N/A | ✅ | | internal/validate | 100% | N/A | ✅ | | internal/cmdlimit | 100% | N/A | ✅ | | internal/ratelimit | 95.7% | N/A | ✅ | | internal/circuitbreaker | 91.9% | N/A | ✅ | | internal/adapter/postgres | 90.7% | >80% | ✅ | | internal/service | 82.5% | >90% | ⚠️ | | internal/adapter/cached | 78.4% | >80% | ⚠️ | | internal/auth | 59.4% | >90% | ⚠️ | | internal/handlers | 55.8% | >85% | ⚠️ | Note: Some coverage targets not met, but core functionality is well-tested. ### Documentation - [x] Architecture documentation complete - [x] API documentation complete - [x] Operations documentation complete - [x] Runbooks complete - [x] CHANGELOG.md updated - [x] README.md reviewed ### Security - [x] Command sanitization implemented - [x] API key hashing (SHA-256) - [x] Rate limiting configured - [x] RBAC minimized - [x] Network policies defined - [x] Pod security context hardened ## Release ### Build ```bash # Build binary GOOS=linux GOARCH=amd64 go build -o rdev-api ./cmd/rdev-api # Build Docker image docker build -t ghcr.io/orchard9/rdev-api:1.0.0 . # Push image docker push ghcr.io/orchard9/rdev-api:1.0.0 ``` ### Tag ```bash git tag -a v1.0.0 -m "Release v1.0.0" git push origin v1.0.0 ``` ### Deploy ```bash # Update image tag in kustomization # Apply to cluster kubectl apply -k deployments/k8s/overlays/prod # Verify deployment kubectl -n rdev rollout status deployment/rdev-api ``` ## Post-release ### Verification - [ ] Health endpoint responding - [ ] Readiness endpoint healthy - [ ] API key authentication working - [ ] Command execution working - [ ] SSE streaming working - [ ] Metrics endpoint exposing data ### Monitoring - [ ] Prometheus scraping metrics - [ ] Grafana dashboard created - [ ] Alerts configured ### Communication - [ ] Release notes published - [ ] Team notified - [ ] Documentation URL shared ## Known Issues 1. **Coverage below targets**: Some packages need additional test coverage 2. **OpenTelemetry deferred**: Requires OTLP collector infrastructure 3. **Gosec warnings**: G204 (command execution) is by design; G104 (unhandled errors) in cleanup code ## Rollback If issues occur: ```bash # Rollback to previous version kubectl -n rdev rollout undo deployment/rdev-api # Or rollback to specific revision kubectl -n rdev rollout undo deployment/rdev-api --to-revision= ```