Deployment

Deployment docs should keep infrastructure provisioning, app release orchestration, and static docs publishing as separate surfaces.

Primary Boundaries

Deployed Dev Environment records the current shared dev runtime, value ownership, cost posture, and control plane.
Deployed Dev Lifecycle records runtime, data, media, and teardown lifecycle boundaries.
Data Durability And Recovery records disposable data posture, reset boundaries, backup learning drills, and future recovery gates.
Deployment Workflows records CI, deployed-dev CD, docs CD, smoke lanes, and command conventions.
Infrastructure Change Policy records Pulumi graph-change review, cloud portability posture, and infrastructure mutation gates.
Cloud Automation Permission Review records actor, cloud API action, resource scope, trust boundary, evidence, and non-goal review before automation runs.
Docs Hosting records the independent static hosting and publish path for docs.wavemap.app.

Current Deployable Surfaces

Frontend application.
Backend API.
Pulumi-managed infrastructure.
Supporting services such as database, media storage, registry, ingress, DNS, and control plane.
Static documentation site.

The reviewed dev application topology figure shows the current Pulumi-visible deployed-dev surface. Runtime database and volume state are intentionally left as an explicit caveat until they are modeled as separate topology nodes.

Topology diagram showing the dev application public web surface, control plane, runtime, media storage, and image registry relationships.

Dev application deployment topology generated from reviewed semantic topology data. Reviewed Mermaid source: fig-dev-application-deployment.mmd.

Stable Decisions

App/API runtime deployment and infrastructure provisioning are separate surfaces.
Docs deployment is a static lane and does not use the EC2 app runtime, backend, database, wake path, or container host.
Routine branch CD targets the conservative deployed-dev endpoint profile.
Heavier browser, seeded-data, media, and lifecycle proofs remain manual/profile-scoped until repeated signal justifies promotion.
Generated private infrastructure artifacts should not be uploaded directly to the public docs site.

Raw topology captures flow through a private artifact lane first; only reviewed and sanitized projections should enter the docs app.

Deferred Work

Versioned public docs and PR previews.
Automated generated topology publishing.
Staging/production promotion automation.