CI/CD
canonical term: deployment workflowDoc Status: Current operating model | This page describes the GitHub Actions flow for future feature work. Production deploys from
main, not from a developer laptop.Why This Matters
House of Legends runs public booking, operations, payment, and staff workflows from one codebase. A change should move through review, preview, and production in a predictable path so backend contracts, frontend generated clients, Turnstile, and Cloudflare Workers stay aligned. The deployment source of truth is GitHub Actions. Local machines are for development and emergency diagnostics, not normal production releases.Branch Model
| Branch | Purpose | Deploy Target |
|---|---|---|
feature/* | Short-lived feature work | No automatic deploy |
dev | Integration validation | CI only until isolated staging exists |
main | Production release branch | Production environment |
Feature Development Flow
Make the change locally
Keep changes scoped. Backend API changes update Hono schemas/routes first, then regenerate OpenAPI and Fern clients.
Merge to dev after CI passes
A merge to
dev triggers the CI workflow. This is the shared integration gate before production promotion.Future Feature Lifecycle
Every later feature should follow the same promotion path unless it is an emergency production hotfix.| Stage | Owner Action | System Action | Result |
|---|---|---|---|
| Start | Branch from latest dev | No deploy | Isolated feature work |
| Review | Open PR into dev | CI runs API, client, frontend, and docs checks | Contract and build issues are caught before preview |
| Preview | Merge PR into dev | CI runs again | Integration issues are caught before production |
| Promote | Open PR from dev into main | CI runs on the release PR | Production release is reviewed as a batch |
| Release | Merge to main | CI runs again, then deploys Production | Live site updates from GitHub Actions |
Backend Feature Rules
Backend changes must keep the generated contract in sync before a PR is opened.Frontend Feature Rules
Frontend features should call Hono through existing hooks and generated client code. UI components should not own API calls or backend business rules.dev.
Docs Feature Rules
Docs changes go through the same branch flow. If the docs describe a deployed behavior, verify the implementation first.Release Types
| Release Type | Branch Path | Notes |
|---|---|---|
| Normal feature | feature/* → dev → main | Default path for product and backend work |
| Documentation-only | docs/* → dev → main | Still uses CI so navigation/build issues are caught |
| Backend contract | feature/* → dev → main | Must include OpenAPI and Fern regeneration |
| Payment change | feature/* → dev → main | Requires production payment verification after release |
| Emergency hotfix | hotfix/* → main, then back-merge to dev | Use only when production is actively broken |
Payment, reservation, seeding, migration, and reset changes are higher risk. CI/CD may deploy code, but it must not silently run data-changing operations. Operator-triggered database actions stay
separate from deployment.
What CI Checks
The CI workflow should run on pull requests and pushes for bothdev and main.
| Area | Command |
|---|---|
| Hono contract generation | pnpm --filter @hol/hono generate |
| Fern client generation | pnpm --filter @hol/client generate |
| Generated artifact check | git diff --exit-code |
| Hono typecheck | pnpm --filter @hol/hono typecheck |
| Hono lint | pnpm --filter @hol/hono lint |
| Client typecheck/build | pnpm --filter @hol/client typecheck and pnpm --filter @hol/client build |
| Frontend typecheck/lint | pnpm --filter @hol/frontend typecheck and pnpm --filter @hol/frontend lint |
| Docs build | pnpm --filter @hol/mintlify build |
What Deploys
| Git event | GitHub environment | Cloudflare target |
|---|---|---|
CI succeeds on dev | None | Integration validation only |
CI succeeds on main | Production | Live Cloudflare Workers and Pages |
| Manual dispatch | Production | Emergency/operator-controlled production deploy |
- Hono API Worker
- Frontend Worker/assets
- Videos Worker
- Mintlify docs Pages deployment
Secrets
GitHub Actions needs deployment and frontend build values:Do not commit secrets to the repository. Do not put
TURNSTILE_SECRET_KEY into GitHub unless a future workflow explicitly rotates Worker secrets. The normal deployment workflow only needs the
public Turnstile site key for the frontend build.Operational Rules
- Feature branches merge into
dev. devvalidates integration before production.mainis production-only.- Production deploys happen from GitHub Actions after CI succeeds.
- Local
wrangler deployis emergency-only and should be reported when used. - Seeder, migration, and reset commands are manual operator actions, not deploy steps.
- Payment-flow changes still require real production verification after deployment.
Related Pages
- Domains & Deployment — domain routing and environment URLs
- OnePay — payment gateway environment configuration
