SkyMoney/docs/production-operations-policy.md
Ricearoni1245 cfbda7c3cd
diagnose and fix: removed rm for skymoney data in deploy)
2026-03-02 13:56:23 -06:00

Production Operations Policy

Last updated: March 2, 2026

Purpose

Prevent destructive production actions that can cause irreversible data loss.

Hard bans in production

Never run these commands against production:

  1. docker volume rm skymoney_pgdata
  2. docker compose down -v / docker-compose down -v
  3. prisma migrate reset
  4. prisma migrate dev
  5. prisma db push --accept-data-loss
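One way to check commands against this ban list mechanically, for example in an operator wrapper or when reviewing the commands logged in a change ticket. This is an added example, not a script from the SkyMoney repository; the function names, rule labels and sample commands (including `prod.yml`) are assumptions, and `--volumes` is treated as the long form of `-v`.

```shell
#!/bin/sh
# Added example (not SkyMoney's own code): match a command line against the
# policy's five hard bans. Matching is deliberately broad so it fails closed.

# Prints the matched rule and returns 0 if banned; returns 1 otherwise.
is_banned_prod_cmd() {
    # Collapse whitespace and pad with spaces so patterns match whole words.
    cmd=" $(printf '%s' "$1" | tr -s '[:space:]' ' ') "
    case "$cmd" in
        *" docker volume rm"*" skymoney_pgdata "*)
            echo "ban-1: docker volume rm skymoney_pgdata" ;;
        *" docker compose"*" down"*" -v "* | *" docker compose"*" down"*" --volumes "* | \
        *" docker-compose"*" down"*" -v "* | *" docker-compose"*" down"*" --volumes "*)
            echo "ban-2: compose down -v" ;;
        *" prisma migrate reset "*)
            echo "ban-3: prisma migrate reset" ;;
        *" prisma migrate dev "*)
            echo "ban-4: prisma migrate dev" ;;
        *" prisma db push"*" --accept-data-loss "*)
            echo "ban-5: prisma db push --accept-data-loss" ;;
        *)
            return 1 ;;
    esac
}

# Reads one command per line on stdin, prints each banned one,
# and returns non-zero if any line was banned.
audit_commands() {
    hits=0
    while IFS= read -r line; do
        if rule=$(is_banned_prod_cmd "$line"); then
            printf 'BLOCK [%s] %s\n' "$rule" "$line"
            hits=$((hits + 1))
        fi
    done
    [ "$hits" -eq 0 ]
}

# Constructed sample of operator commands (hypothetical, for illustration).
audit_commands <<'EOF' || true
npx prisma migrate deploy
sudo docker volume rm -f skymoney_pgdata
docker compose -f prod.yml down --volumes
docker compose down
EOF
```

A string matcher like this is a safety net against accidents, not an access control; the constrained sudoers permissions listed under Operator controls remain the actual enforcement point.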

Allowed migration path

  1. prisma migrate deploy only.
  2. Mandatory pre-migration backup (scripts/backup.sh).
  3. DB target validation (scripts/validate-prod-db-target.sh).
  4. Volume guard (scripts/guard-prod-volume.sh).

Operator controls

  1. Prefer constrained sudoers permissions over broad sudo docker.
  2. Keep all manual production commands logged in an incident/change ticket.
  3. Require peer confirmation before any storage/volume action.

Intentional rebuild exception

Only for explicit rebuild events:

  1. Set ALLOW_EMPTY_PROD_VOLUME=1 for one deploy run.
  2. Record reason and approver.
  3. Reset ALLOW_EMPTY_PROD_VOLUME=0 immediately afterward.