Release Gate (G6)
Bevor ein Flugzeug abheben darf, gibt es eine finale Freigabe vom Tower. Das Release Gate ist genau das - die letzte Prüfung, bevor Code in Produktion geht. Hier gibt es keine Kompromisse.
Die letzte Verteidigungslinie
Das Release Gate (G6) ist das strengste Gate im Prozess. Es kombiniert alle vorherigen Prüfungen mit zusätzlichen Release-spezifischen Checks: Ist das Deployment-Skript getestet? Gibt es einen Rollback-Plan? Sind alle Stakeholder informiert?
Vollständiges Beispiel
# Gate: G6_RELEASE
# Position: Nach Phase 10 (Release Planning), vor Phase 11 (Deployment)
gate:
id: "G6_RELEASE"
name: "Release Gate"
description: "Finale Freigabe vor dem Deployment"
position:
after_phase: 10 # Release Planning
before_phase: 11 # Deployment
# Prädikate
predicates:
required:
- id: "all_tests_passed"
description: "Alle Tests (Unit, Integration, E2E) bestanden"
severity: "critical"
- id: "is_security_reviewed"
description: "Security Review abgeschlossen"
severity: "critical"
- id: "has_staging_validation"
description: "Auf Staging validiert"
severity: "critical"
- id: "has_rollback_plan"
description: "Rollback-Plan dokumentiert"
severity: "critical"
- id: "has_release_notes"
description: "Release Notes erstellt"
severity: "high"
conditional:
- id: "has_performance_baseline"
condition: "change_class == 'critical'"
- id: "has_stakeholder_approval"
condition: "change_class IN ('normal', 'critical')"
- id: "has_compliance_signoff"
condition: "affects_pii OR affects_payment"
# Manuelle Approvals
approvals_required:
- role: "tech_lead"
required: true
- role: "product_owner"
required_for:
- change_class: "normal"
- change_class: "critical"
- role: "security_team"
required_for:
- change_class: "critical"
# Release-Checks
release_checks:
- name: "Staging Smoke Tests"
environment: "staging"
command: "npm run test:smoke"
- name: "Database Migration Dry-Run"
command: "php artisan migrate --pretend"
- name: "Dependency Audit"
command: "composer audit && npm audit"
decision:
pass_condition: "ALL predicates PASS AND ALL required approvals obtained"
on_pass:
action: "create_release"
tag_version: true
notify: ["team-channel", "stakeholders"]
on_fail:
action: "block_release"
escalate_to: "tech_lead"Gate-Prüfung in der Praxis
# Gate-Prüfung G6_RELEASE
gate_check:
gate_id: "G6_RELEASE"
change_id: "CHG-2024-0050"
change_class: "critical"
release_version: "2.4.0"
checked_at: "2024-01-15T20:00:00Z"
predicate_results:
- predicate_id: "all_tests_passed"
passed: true
details:
unit: "312/312 passed"
integration: "58/58 passed"
e2e: "23/23 passed"
- predicate_id: "is_security_reviewed"
passed: true
details:
reviewer: "security-team"
approved_at: "2024-01-15T18:00:00Z"
sast_findings: 0
dependency_vulnerabilities: 0
- predicate_id: "has_staging_validation"
passed: true
details:
deployed_at: "2024-01-15T19:00:00Z"
smoke_tests: "passed"
manual_validation: "completed"
- predicate_id: "has_rollback_plan"
passed: true
details:
document: "docs/rollback/v2.4.0.md"
tested: true
estimated_time: "< 5 minutes"
- predicate_id: "has_performance_baseline"
passed: true
details:
p95_latency: "< 200ms"
throughput: "1000 rps"
comparison: "within 5% of baseline"
approval_results:
- role: "tech_lead"
approved: true
by: "bob@example.com"
at: "2024-01-15T19:30:00Z"
- role: "product_owner"
approved: true
by: "alice@example.com"
at: "2024-01-15T19:45:00Z"
- role: "security_team"
approved: true
by: "security@example.com"
at: "2024-01-15T18:00:00Z"
verdict: "PASS"
release_created: "v2.4.0"
deployment_authorized: trueWarum ist das wichtig?
Das Release Gate ist die finale Absicherung. Ein Fehler hier kann Millionen kosten, Kunden verlieren oder Sicherheitslücken in Produktion bringen. Deshalb ist dieses Gate besonders streng und erfordert mehrere unabhängige Freigaben.
Im Mensch + KI-Code Prozess: Das Release Gate (G6) ist für alle Change Classes obligatorisch. Bei "Critical" sind zusätzliche Approvals von Security-Team und Stakeholdern erforderlich. Das Gate kann nicht übersprungen werden.