Deployment Flow
Current main does not use one universal “commit to production” pipeline.
This page exists to retire that old story and restate the real deployment
boundary.
Current Mainline Flow
GloriousFlywheel is GitHub-first and split into workflow families:
- Validate and proof — repo validation, platform proof, source Bazel proof, and bounded reporting workflows
- Build and publish — container, FlakeHub, release, and docs publication surfaces
- Targeted deploy — the ARC stack has an automated apply path on
mainwhen ARC-related paths change - Operator deployment — the remaining stacks still rely on bounded internal operator deployment paths instead of a universal auto-apply stage
Pull Requests
Pull requests primarily run validation and proof workflows plus bounded ARC plan coverage when relevant paths change. They do not run a universal deploy stage.
Pushes To main
Pushes to main run validation, proof, and path-scoped publication or deploy
workflows. Current automated deployment on main is intentionally narrow:
Deploy ARC Runnersfor the ARC stackDeploy Docsfor the docs site
The repo does not currently auto-apply every infrastructure stack on merge.
Related
- Pipeline Overview — current workflow families
- Deployment Contract — live stack deployment boundaries
- OpenTofu Modules — stack/module reference