Goal
Move cloud deploy from `main` to a new `prod` branch so that:
- `main` stays the active iteration branch (CI runs, no auto-deploy)
- `prod` is the explicit ship gate
- Releases are PRs from `main` → `prod`, with full CI re-run + manual review before merge
Motivation
The May 4–5 2026 voice-path incident chain (PRs #28 → #29 → #30) shipped speculative changes straight to cloud and regressed the call path twice. A separate deploy branch puts a human gate between proposal and production.
Proposed change
- Create `prod` branch from current `main` HEAD.
- Modify `.github/workflows/deploy.yml`:
  - Change `on: push: branches: [main]` → `[prod]`
  - Keep all other deploy job logic identical
- Modify `.github/workflows/ci.yml` (if it auto-runs on main):
  - Keep CI on `main` and PRs (so we still see green/red on iteration)
  - Add CI run on `prod` PRs as a required check before merge
- Branch protection on `prod` (Settings → Branches → Add rule):
  - Require PR before merge
  - Require CI to pass
  - Require linear history (squash-only)
- Document the release flow in AGENTS.md:
  - When to ship: open PR `main → prod`, merge after manual verification
  - Rollback: revert PR on `prod`, redeploy
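
The branch protection step above, as an added example that is not part of the original proposal: it builds the `prod` protection rule for the GitHub REST API and audits a protection response for the three listed requirements. The check name `ci`, the single approving review, `enforce_admins`, and the `OWNER/REPO` argument are assumptions.

```bash
#!/usr/bin/env bash
# Added example (not project code). Assumed names: CI check "ci", OWNER/REPO slug.

# JSON body for PUT /repos/{owner}/{repo}/branches/prod/protection.
prod_protection_payload() {
  local ci_check="${1:-ci}"   # assumption: status-check name reported by ci.yml
  cat <<EOF
{
  "required_status_checks": { "strict": true, "contexts": ["${ci_check}"] },
  "enforce_admins": true,
  "required_pull_request_reviews": { "required_approving_review_count": 1 },
  "restrictions": null,
  "required_linear_history": true
}
EOF
}

# Apply the rule; needs an authenticated gh CLI with admin rights on the repo.
apply_prod_protection() {
  prod_protection_payload "${2:-ci}" |
    gh api -X PUT "repos/$1/branches/prod/protection" --input -
}

# Audit a GET .../branches/prod/protection response passed as $1.
# Succeeds only if PR review, at least one CI check and linear history are on.
protection_is_gated() {
  local flat
  flat=$(printf '%s' "$1" | tr -d '[:space:]')
  printf '%s' "$flat" | grep -q '"required_pull_request_reviews":{' &&
    printf '%s' "$flat" | grep -Eq '"contexts":\["[^"]+"' &&
    printf '%s' "$flat" | grep -q '"required_linear_history":{"enabled":true}'
}

# Constructed sample of a GET response, trimmed to the fields the audit reads.
SAMPLE_GATED='{
  "required_status_checks": { "strict": true, "contexts": ["ci"] },
  "required_pull_request_reviews": { "required_approving_review_count": 1 },
  "required_linear_history": { "enabled": true }
}'

if [ "${1:-}" = "--apply" ]; then
  apply_prod_protection "$2" "${3:-ci}"
elif protection_is_gated "$SAMPLE_GATED"; then
  echo "sample protection document satisfies the prod gate"
fi
```

Run with `--apply OWNER/REPO` to set the rule; the audit function can be fed the output of `gh api repos/OWNER/REPO/branches/prod/protection` on a schedule to detect a weakened gate.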
Files touched
- `.github/workflows/deploy.yml` — branch trigger swap
- `.github/workflows/ci.yml` — possibly add prod-PR check
- `AGENTS.md` — release flow documentation
- New: empty initial commit on `prod` branch (from `main` HEAD)
Test plan
- Push a no-op commit to `main` → CI runs, Deploy does NOT fire ✓
- Open PR `main → prod`, merge it → Deploy fires ✓
- Verify cloud picks up the change post-deploy
Risk
Low. The migration-deploy gap (open follow-up #5 in AGENTS.md) interacts with this — migrations still need a separate manual gate. Could be folded into the same workflow restructure if you want.
Suggested branch + commit
```
git checkout -b infra/prod-branch-deploy-gate
# ...edit deploy.yml + AGENTS.md, then stage the changes...
git add .github/workflows/deploy.yml AGENTS.md
git commit -m "infra: gate cloud deploy on prod branch instead of main"
git push -u origin infra/prod-branch-deploy-gate
gh pr create --base main --title "infra: gate cloud deploy on prod branch"

# After merge to main, create the prod branch from main HEAD:
git checkout main && git pull
git checkout -b prod
git push -u origin prod
```