The Sacred Deployment
Deployment strategies, GitHub Pages and semantic versioning
The Master Archivist leads you into the largest hall of the Forge - an immense circular library, connected by bridges of light to distant towers. Each bridge leads to a different destination: the Testing Halls, the Preparation Outposts, and at the center, the Great Library of the Kingdom - the one all citizens consult. Automatic mechanisms transport scrolls along these bridges, but some paths are sealed by protective wards.
"The Automated Forges are useless if the chronicles remain locked in the workshop. Deployment is the sacred act of making your work accessible to the world. It is the final step in a scroll's journey - from the scribe's inkwell to the shelves of the Great Library. But beware: deploying without method is like sending troops into battle without a battle formation. Today, you will learn deployment strategies."
What is deployment?
Deployment is the process that makes your application available to users. As long as your code stays in a Git repository, nobody can use it. Deployment takes that code and puts it online, on a server, on a website - where people can access it.
If CI (continuous integration) verifies that your code works correctly, CD (continuous deployment) ensures it reaches its destination.
"Writing a perfect chronicle is pointless if it stays locked in your drawer. Deployment is the act of publishing - transforming private work into a public good."
Deployment environments
Before deploying directly to production, we use several environments that serve as safety nets. Think of these as successive rooms a scroll passes through before reaching the Great Library.
Development (dev)
This is your local environment. Where you write, test and experiment. Nothing you do here is visible to others.
# You work locally - this is the development environment
git add .
git commit -m "New feature"Staging (pre-production)
An environment that mimics production but isn't public. It's the preparation outpost - where you verify everything works under real conditions before the big day.
- Same configuration as production
- Test data (no real user data)
- Accessible only to the team
Production (live)
The real environment, the one users see and use. This is the Great Library. Every error here is visible to everyone.
"The development room is your private office. Staging is the rehearsal hall. Production is the stage in front of the entire kingdom. You don't go on stage without rehearsing."
| Environment | Analogy | Visible to |
|---|---|---|
| Development | Your private office | You only |
| Staging | Rehearsal hall | The team |
| Production | The Great Library | Everyone |
Deployment strategies
Like a general choosing a battle formation, an engineer chooses a deployment strategy. Each has its advantages and risks.
1. Manual deployment
The simplest method: you connect to the server and copy the files yourself.
# Simplified example - copying files to a server
scp -r ./my-site/ user@server:/var/www/html/- Advantage: Simple to understand
- Disadvantage: Prone to human error, not reproducible
"Manual deployment is like a messenger carrying scrolls on horseback. It works, but it's slow, risky and exhausting."
2. Automatic deployment on merge
Every time a merge is done on the main branch, deployment launches automatically. This is the foundation of continuous deployment (CD).
# Deployment triggers when pushing to main
on:
push:
branches: [main]- Advantage: Fast, reliable, reproducible
- Disadvantage: Requires a good test suite (otherwise you deploy bugs)
3. Blue-Green
You maintain two identical production environments: Blue (current) and Green (new). You deploy to Green, test, then switch traffic from Blue to Green.
+----------------+
Users -------------->| Blue | (current version)
+----------------+
+----------------+
(standby) | Green | (new version)
+----------------+
After validation:
+----------------+
(standby) | Blue | (old version)
+----------------+
+----------------+
Users -------------->| Green | (new version)
+----------------+- Advantage: Instant rollback (switch back to Blue)
- Disadvantage: Doubled cost (two environments)
4. Canary
You deploy the new version to a small percentage of users first. If everything goes well, you gradually increase to 100%.
Canary deployment - progression:
5% --> New version (initial test)
95% --> Old version
25% --> New version (going well)
75% --> Old version
100% --> New version (full deployment)- Advantage: Minimal risk, early problem detection
- Disadvantage: More complex to set up
"The canary in the coal mine - if the little bird survives, the miners can enter safely. If the new version works for 5% of users, it will work for everyone."
5. Rolling
You update servers one by one instead of all at once. During the update, some servers run the old version and others the new one.
Server 1: v2 + (updated)
Server 2: v2 + (updated)
Server 3: v1 (waiting)
Server 4: v1 (waiting)- Advantage: No downtime
- Disadvantage: Two versions coexist temporarily
| Strategy | Downtime | Rollback | Complexity |
|---|---|---|---|
| Manual | Yes | Slow | Low |
| Auto on merge | No | Medium | Low |
| Blue-Green | No | Instant | Medium |
| Canary | No | Fast | High |
| Rolling | No | Medium | Medium |
GitHub Pages - Deploy a site from Git
GitHub Pages is the simplest way to deploy a static website directly from a Git repository. It's free and built into GitHub.
How does it work?
GitHub takes the content of your repository (HTML, CSS, JavaScript) and publishes it at a URL like:
https://your-username.github.io/repo-name/Enable GitHub Pages
- Go to the Settings of your repository on GitHub
- In the sidebar, click Pages
- Choose the source:
- Deploy from a branch: deploy directly from a branch (e.g.:
main) - GitHub Actions: use a workflow to build and deploy
- Deploy from a branch: deploy directly from a branch (e.g.:
Deploy from a branch
The simplest. Select the main branch and the root folder / (or /docs if you prefer to isolate the site files).
Deploy with GitHub Actions
More powerful. You write a workflow that builds the site and deploys it. This is what we'll do in the exercise.
Custom domain
You can even use your own domain name instead of github.io. You just need to configure a CNAME file in your repository and update your domain's DNS records. For now, this is not necessary.
GitHub Pages is the gateway to the Great Library. You place your scrolls there and they become instantly accessible to the entire kingdom. No server needed, no complex magic needed.
Environment protection rules
Production environments are precious. GitHub lets you define protection rules to prevent accidental deployments.
Configure a protected environment
In the Settings of your repository, section Environments:
- Required reviewers: one or more team members must approve the deployment
- Wait timer: mandatory delay before deployment (e.g.: 5 minutes)
- Deployment branches: only certain branches can trigger deployment
Use an environment in a workflow
jobs:
deploy:
runs-on: ubuntu-latest
environment: production # <-- protected environment
steps:
- uses: actions/checkout@v4
- name: Deploy
run: echo "Deploying to production..."When the workflow reaches this job, it waits for approval before continuing (if reviewers are required).
"You don't deploy to production on a whim. Protection rules are the guards posted at the Great Library. They verify that every delivery is authorized and expected."
Rollback - Going back
Sometimes, despite all precautions, a deployment introduces a bug. You need to be able to return to the previous version quickly. That's a rollback.
Strategy 1 - Revert commit
Create a new commit that undoes the changes of the problematic commit:
# Identify the problematic commit
git log --oneline
# Create a commit that undoes its changes
git revert abc1234
# Push the revert - the pipeline redeploys automatically
git pushThe advantage: the history stays clean and you can clearly see that a rollback happened.
Strategy 2 - Redeploy a previous version
If you use version tags, you can simply redeploy the previous tag:
# Go back to tag v1.0.0
git checkout v1.0.0
# Or in a workflow, trigger deployment of a specific tagStrategy 3 - Blue-Green rollback
With the Blue-Green strategy, rollback is instant: just switch traffic back to the old environment.
"A good general always plans for retreat. Rollback is not an admission of failure - it's a proof of wisdom. Better to go back quickly than to let the kingdom suffer from a flawed scroll."
Complete deployment workflow
Here is an example GitHub Actions workflow that deploys a static site to GitHub Pages when pushing to main:
name: Deploy to GitHub Pages
on:
push:
branches: [main]
permissions:
contents: read
pages: write
id-token: write
jobs:
deploy:
runs-on: ubuntu-latest
environment: production
steps:
- name: Retrieve the code
uses: actions/checkout@v4
- name: Configure GitHub Pages
uses: actions/configure-pages@v4
- name: Upload artifact
uses: actions/upload-pages-artifact@v3
with:
path: '.'
- name: Deploy to GitHub Pages
uses: actions/deploy-pages@v4Workflow anatomy
| Element | Role |
|---|---|
on: push: branches: [main] | Triggers deployment on push to main |
permissions | Authorizes the workflow to write to Pages |
environment: production | Uses the protected environment |
actions/checkout@v4 | Retrieves the repository code |
actions/configure-pages@v4 | Configures GitHub Pages |
actions/upload-pages-artifact@v3 | Prepares files for deployment |
actions/deploy-pages@v4 | Actually deploys to GitHub Pages |
"Observe the structure of this workflow: it retrieves the code, prepares it, and deploys it to the Great Library. Each step is clear, each action is documented. This is the work of a methodical Archivist."
Semantic versioning and tags for releases
When you deploy, it is essential to number your versions to know exactly what is in production.
Semantic versioning (SemVer)
The format is vMAJOR.MINOR.PATCH:
v1.0.0
| | |
| | +-- PATCH: bug fix (backward compatible)
| +---- MINOR: new feature (backward compatible)
+------ MAJOR: incompatible change (breaking change)| Version | What changed |
|---|---|
v1.0.0 | First stable version |
v1.1.0 | Added a new feature |
v1.1.1 | Bug fix |
v2.0.0 | Major overhaul, not backward compatible |
Create a version tag
# Lightweight tag
git tag v1.0.0
# Annotated tag (recommended for releases)
git tag -a v1.0.0 -m "First stable version"
# Push tags to GitHub
git push --tagsCreate a release on GitHub
- Go to the Releases tab of your repository
- Click Create a new release
- Select your tag
- Add a title and release notes
- Publish
Releases are useful for users: they offer a clear download point and a changelog.
"Each version is an official seal stamped on your chronicles. Semantic versioning is the universal language that lets everyone understand what changed. Without it, chaos reigns."
Hands-on exercise - Prepare the sacred deployment
Prepare your chronicles for the Great Library:
- Create a
sacred-deploymentrepository - Create a static site (
index.html) - Write a GitHub Pages deployment workflow
- Tag the first version (
v1.0.0) - Run the verification script
Step 1 - Create the repository
mkdir sacred-deployment
cd sacred-deployment
git init -b mainStep 2 - Create the static site
Create an index.html file:
cat > index.html << 'EOF'
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>The Kingdom's Chronicles</title>
<style>
body { font-family: Georgia, serif; max-width: 800px; margin: 40px auto; padding: 0 20px; }
h1 { color: #2c3e50; }
.version { color: #7f8c8d; font-size: 0.9em; }
</style>
</head>
<body>
<h1>The Kingdom's Chronicles</h1>
<p>Welcome to the Great Library.</p>
<p class="version">Version 1.0.0</p>
</body>
</html>
EOFgit add index.html
git commit -m "Create the site homepage"Step 3 - Write the deployment workflow
Create the folder structure for GitHub Actions:
mkdir -p .github/workflowsCreate the workflow file:
cat > .github/workflows/deploy.yml << 'EOF'
name: Deploy to GitHub Pages
on:
push:
branches: [main]
permissions:
contents: read
pages: write
id-token: write
jobs:
deploy:
runs-on: ubuntu-latest
environment: production
steps:
- name: Retrieve the code
uses: actions/checkout@v4
- name: Configure GitHub Pages
uses: actions/configure-pages@v4
- name: Upload artifact
uses: actions/upload-pages-artifact@v3
with:
path: '.'
- name: Deploy to GitHub Pages
uses: actions/deploy-pages@v4
EOFgit add .github/workflows/deploy.yml
git commit -m "Add the GitHub Pages deployment workflow"Step 4 - Tag the first version
git tag -a v1.0.0 -m "First stable version - initial deployment"Verify the tag exists:
git tagYou should see v1.0.0 in the list.
Step 5 - Run the verification
bash verifier.sh.\verifier.ps1Command summary
| Command | Description |
|---|---|
git tag v1.0.0 | Create a lightweight tag |
git tag -a v1.0.0 -m "message" | Create an annotated tag |
git push --tags | Push tags to the remote repository |
git revert <hash> | Undo a commit (rollback) |
git checkout v1.0.0 | Go back to a tagged version |
Concept summary
| Concept | Description |
|---|---|
| Deployment | Making an application accessible to users |
| Dev environment | Your local workspace |
| Staging environment | Copy of production for testing |
| Production environment | The application visible to users |
| Blue-Green | Two identical environments, instant switch |
| Canary | Progressive deployment by user percentage |
| Rolling | Server by server update |
| GitHub Pages | Free static site hosting from GitHub |
| SemVer | MAJOR.MINOR.PATCH version format |
| Rollback | Return to a previous version |
| Protection rules | Rules that secure production environments |
The Master Archivist stands before the immense door of the Great Library. The Forge mechanisms hum behind you, and through the half-open door, you glimpse infinite shelves bathed in golden light.
"You now understand the complete journey of a chronicle. From inkwell to shelf. From your private office to the Great Library of the Kingdom. You have learned deployment strategies - how to choose the right formation for each battle. You have prepared your first automated deployment ritual. And you have stamped your first official version with a versioning seal."
He places a hand on your shoulder.
"But the Forge has not yet revealed all its secrets. The machines you have built - automated tests, deployment - are just the first stones. The Automated Forges can do much more. The next step will take you even further in mastering continuous delivery."