Pre-Deployment Checklist
Artifact
Section titled “Artifact”- Version is SemVer and matches package metadata.
- Image digest is captured.
- SBOM is generated.
- Image signature is available or the exception is documented.
Security
Section titled “Security”- Secret scan passed.
- SAST and SCA findings are reviewed.
- IaC and Kubernetes manifests are validated.
- Admission policies are expected to pass.
Operations
Section titled “Operations”- Deployment diff is reviewed.
- Rollback digest is known.
- Health check endpoint is documented.
- Alert coverage exists for the changed component.