# Deployment, Infrastructure, and CI/CD
Purpose and scope
- Capture how BranchPy is deployed across environments, how CI/CD moves code, and how infrastructure is monitored.
- Define ownership boundaries: this subset owns environments, rollout flows, CI/CD topology, and runtime operational runbooks.
- UI, CLI, auth semantics, telemetry policy, and governance rules are linked, not redefined.
What this subset covers
- Environment layout (Railway, custom VPS, web hosting) and topology expectations.
- CI/CD workflows, matrices, concurrency, and deployment automation touchpoints.
- Monitoring, alerting, and logging integrations aligned to deployment.
- Hardening steps tied to deployment/runtime (secrets, TLS, rate limits, firewalls).
- Operational runbooks: Maintained internally in controlled
BranchPy/docsrepository.
What this subset does not cover
- Authentication/licensing logic: see Technical/auth-licensing-sso.
- CLI behavior: see Technical/cli/cli.md.
- Telemetry/event policy: see Technical/telemetry and Technical/events.
- Governance/BQF standards: see Technical/governance.
Entry points
- Architecture: Technical/deployment/architecture.md
- CI/CD: Technical/deployment/ci-cd.md
- Hardening: Technical/deployment/hardening.md