Royal Glow internal docs · now fully interactive — Steps, API tables, file trees & live status
Royal Glow Docs

Deployment

Branch strategy, hosting, CI/CD workflows, feature-flag releases, rollback tiers, and backups for Royal Glow.

Deployment

Royal Glow ships through a four-stage Git pipeline with progressively stricter gates, deploys to Cloudflare's edge, and decouples deploy from release using PostHog feature flags. The whole platform runs at ₹0/month on free tiers at launch.

Deploy ≠ release. Code goes live on the edge on every merge to prod; a feature only becomes visible when its PostHog flag is turned on. A bug means flipping a flag off — no rollback required.

Branch strategy

Four persistent branches, each mapped to an environment and a Neon DB branch. Work flows in one direction: dev → test → pprd → prod. There are no direct pushes to prod.

BranchEnvironmentNeon branchProtection / gates
devDevelopmentdevLint + type check + unit tests
testQA / CItest+ integration + Playwright E2E + Lighthouse CI
pprdPre-productionpprd+ k6 load test + smoke suite + dependency audit
prodProductionprod+ manual approval → deploy + health check

The pprd branch is reset from prod every 24h via the Neon Branch Reset API (a near-instant copy-on-write operation), then a PII-anonymisation script scrubs names, phones, and emails so UAT has realistic data without real customer PII. QStash scheduled jobs target prod only.

Hosting topology

  • Edge: Cloudflare Workers (via the OpenNext adapter, @opennextjs/cloudflare) serve the customer site (rgss-web, theroyalglow.in) and the admin portal (rgss-admin, admin.theroyalglow.in) globally — deployed near India (Mumbai / Singapore). Not Cloudflare Pages, not next-on-pages.
  • CMS: Render (Singapore, free tier) hosts Payload CMS (rgss-cms, cms.theroyalglow.in).
  • PDF render: Cloud Run hosts the invoice PDF service (@rgss/invoicing).
  • Database: a single Neon PostgreSQL 16 project with four branches.
  • Media: Cloudflare R2 (S3-compatible, zero egress). Cache + queue: Upstash Redis + QStash. Realtime: Ably.

GitHub Actions workflows

Four workflows enforce the gates above and handle production deploys.

WorkflowFileTriggers onDoes
CIci.ymlPRs to all branches + push to devLint + typecheck, unit tests, build, Trivy + Socket.dev audit
Integration & E2Eintegration.ymlPRs to test/pprd/prodIntegration tests, Playwright E2E, Lighthouse CI
Load & Securityload-test.ymlPRs to pprd/prodk6 load test, Trivy fs scan, OWASP ZAP baseline
Deploy Productiondeploy-prod.ymlPush to prodPre-deploy checks → build + Sentry source maps → Cloudflare Workers deploy (opennextjs-cloudflare deploy / wrangler deploy) → migrations → health check + smoke tests

Lighthouse gates require performance ≥ 95 and accessibility, best-practices, and SEO = 100.

Feature-flag release strategy

Every feature ships to prod behind a PostHog flag and is exposed gradually.

Deploy with the flag OFF

Code goes live on the edge, invisible to everyone.

Flag ON for role = developer

Self-test directly in production.

Flag ON for role = owner | manager

Stakeholder preview.

Flag ON for 10% of customers

Watch Sentry for new errors.

Flag ON for 100%

Full release to all customers.

Remove flag + dead code

After 2 weeks stable, clean up the flag and dead code.

Rollback tiers

When something goes wrong, escalate from the cheapest, fastest lever upward.

Health check

GET /api/health probes the database, Redis, and R2 in parallel and returns a HealthStatus contract: healthy / degraded / unhealthy. It responds 200 for healthy or degraded and 503 for unhealthy, always with Cache-Control: no-store. BetterStack polls it every ~3 minutes and opens an incident on status.theroyalglow.in if it fails.

Backups

TypeFrequencyRetentionStorageRPO
Neon PITR (automatic)Continuous WAL7 daysNeon infrastructure~0 sec
Weekly pg_dumpSun 7:30 AM IST8 weeksCloudflare R2≤ 7 days
Monthly restore test1st of monthTemporary Neon branchValidates integrity

Architecture

Hosting topology and observability layers

Background Jobs

Scheduled work and heartbeat monitoring

Data Model

What the migrations and backups protect

OpenReport an issue

Was this page helpful?

Environment Variables

All 55 environment variables for the Royal Glow platform — what they do, where they go, and how they're validated.

Git Workflow

Branch strategy, CI/CD pipeline, commit conventions, and database-per-environment for Royal Glow.

On this page

DeploymentBranch strategyHosting topologyGitHub Actions workflowsFeature-flag release strategyDeploy with the flag OFFFlag ON for role = developerFlag ON for role = owner | managerFlag ON for 10% of customersFlag ON for 100%Remove flag + dead codeRollback tiersHealth checkBackupsRelated pages