Can I protect the production release channel?

Hi :slight_smile:

So, it’s really cool that all it takes to update production app is modify some JS files, save and run expo publish

But it also scares the hell out of me! It’s so easy for someone to accidentally forget to expo publish --release-channel staging or something and OOPS prod is updated with test code :sob:

Is there some best practice way to lock down the production channel?

It’s a very short term goal to have the publication all handled by CI/CD servers, and probably lock engineers out of the Expo account, which would protect.

But this does seem harsh, and also potentially imperfect still.

How do other people deal with this worry?

you can rollback the update for specific channel if you found pushing something wrong .

Also you can always push the update to staging first and then transfer the update in staging to production instead of directly pushing update to production.

Thanks for that reply.

It’s true it should be easy-ish to undo any bad mistake, that doesn’t make me feel less nervous that an engineer simply leaves off --release-channel :laughing:

I wish there was some 2FA setting or something to protect channels

You could always create a feature request :slight_smile:

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.