#28DELIVERYRELEASEElite

Deploy Receipts

Who/what/when/where audit trail

Medium

Overview

Immutable record of every deployment including who triggered it, what was deployed, when, and verification.

Why It Matters

Complete deployment audit log. Answer 'what changed?' during incidents.

The Risk

Without receipts, incident investigation starts with guesswork. You can't definitively answer 'what was deployed when?' Compliance audits fail. Rollback decisions are made blind.

Implementation Components

A complete implementation of this capability includes:

Immutable record of every deployment
Captures who, what, when, where
Links to git commit, artifact digest, and provenance
Stored in searchable, long-term storage
Includes verification status (smoke tests, health checks)
Integration with change management systems

Implementation Pattern

1Capture deploy metadata
2Link to artifact digest
3Store immutably
4Make searchable

Tool Examples

These are examples, not endorsements. Choose what fits your context.

Git tags

↗

CI artifacts

↗

Dependencies

Requires (must have first)

•#25 Deploy to Production

Enhanced by (more effective with)

•#18 Artifact Provenance

Enables (unlocks)

Same Phase

Other capabilities in this pipeline phase

Quick Actions

View in Flow View full landscape Assess your platform

←

#27 Smoke Tests

#29 Rollback Automation

→