Favn

Appearance

Release Workflow

Features move through canary/promote/rollback using signed release indices.

Release commands

Low-level release-index commands (usually called via higher-level workflow scripts):

bash
# 1. Deploy as canary (starts soak timer)
pnpm run release:canary -- --feature feature-my-feature --version 1.1.0

# 2. After soak period, promote to stable
pnpm run release:promote -- --feature feature-my-feature --version 1.1.0 \
  --actor your-name --reason "Canary healthy, metrics green"

# 3. Emergency rollback
pnpm run release:rollback -- --feature feature-my-feature --version 1.0.0 \
  --actor your-name --reason "Error budget exceeded" --ticket OPS-42

--actor, --reason, and --ticket are optional release metadata fields.

CDN publishing

Publish a feature to the remote CDN:

bash
pnpm run publish -- --feature feature-dashboard

This builds, signs, publishes artifacts, uploads to CDN, and verifies the result. The publish command:

  • Reads the version from the feature's manifest.json
  • Defaults to stable channel (use --channel canary for canary)
  • Syncs remote releases.json to local first to avoid version drift

Interactive mode (pnpm run favn) provides dev and publish only.

Admin UI

Operators can manage releases from the Admin UI at /_admin:

  • View all loaded features, versions, and channels
  • Promote versions to stable or canary
  • Rollback to a previous version
  • Hot-refresh manifests without restarting the host

CLI fallback for operators/automation:

bash
pnpm run channel:fallback -- --feature feature-my-feature --version 1.1.0 --to stable \
  --actor your-name --reason "Promote after validation"

Release index

Each feature has a signed releases.json that tracks:

  • Schema version, feature ID, monotonic sequence number
  • Active version designation
  • Version list with manifest SHA-256 hashes

The host validates the release index signature on every load/refresh cycle.

Checking release status

bash
# Local artifacts
pnpm run release:status

# Remote CDN index
pnpm run release:status -- --index-url https://your-cdn.example.com/remote-index.json

Remote CDN validation

Test remote discovery without cloud upload:

bash
# Start local mock CDN
pnpm run mock:cdn

# Start host against remote index (separate terminal)
FEATURE_REMOTE_INDEX_URL=http://127.0.0.1:4100/remote-index.json pnpm run dev:host

# End-to-end verification
pnpm run verify:remote-cdn

Production checklist

Before promoting to production:

  • NODE_ENV=production
  • Trusted public keys configured (FEATURE_TRUST_PUBLIC_KEYS_JSON or FEATURE_TRUST_PUBLIC_KEYS_PATH)
  • FEATURE_ALLOW_INSECURE_DEV_KEYS is not enabled
  • ALLOW_UNAUTHENTICATED_ADMIN is not enabled
  • Auth mode configured (RPC token, DFS, or trusted-cluster)
  • pnpm run doctor, pnpm run lint:routes, and pnpm run validate:compat:strict pass