Deployment & Operations
How Govula is deployed and maintained in production environments.
This section is intended for: Technical Team, Management. Unauthorised access is restricted.
Cloud-Native Architecture
Govula is designed as a cloud-native application, built to take advantage of modern cloud infrastructure while maintaining portability and reliability.
- Containerized services for consistent deployment across environments
- Horizontal scaling for handling varying workloads
- Managed database services for reliability and performance
- Object storage for evidence and document management
Environment Separation
Strict environment separation ensures that development, testing, and production workloads do not interfere with each other.
| Environment | Purpose | Data |
|---|---|---|
| Development | Active development and debugging | Synthetic test data only |
| Staging | Pre-production testing and validation | Anonymized production-like data |
| Production | Live customer workloads | Real customer data (encrypted) |
Scheduling & Automation
Automated workflows run on configurable schedules to maintain continuous compliance monitoring:
SoA Generation
Automated Statement of Applicability updates based on current organizational context and control status. Default schedule: Daily at 02:00 UTC.
Report Generation
Scheduled generation and distribution of stakeholder reports. Configurable per organization and report type. Default schedule: Daily at 03:00 UTC.
Evidence Freshness Check
Automated scanning for evidence approaching or past expiration. Generates alerts for items requiring attention. Default schedule: Daily at 04:00 UTC.
Compliance Snapshot
Point-in-time capture of compliance state for historical analysis and trend tracking. Default schedule: Daily at 01:00 UTC.
Monitoring & Health Checks
Comprehensive monitoring ensures system health and performance:
Application Monitoring
- Request/response latency tracking
- Error rate monitoring
- API endpoint health checks
- Structured logging with correlation IDs
Infrastructure Monitoring
- Database connection pool status
- Storage utilization
- Memory and CPU usage
- Network connectivity
Alerting
Automated alerts notify operations teams of issues requiring attention:
- CriticalService unavailable, data integrity issues, security incidents
- WarningElevated error rates, performance degradation, resource thresholds
- InfoScheduled job completions, workflow successes, routine events
Update Strategy
Platform updates are deployed with minimal disruption:
Rolling Deployments
New versions are deployed incrementally, with traffic shifted gradually from old to new instances. No downtime during routine updates.
Database Migrations
Schema changes are applied using non-destructive migrations that maintain backward compatibility during the transition period.
Feature Flags
New features can be deployed disabled and enabled gradually, allowing for controlled rollouts and quick rollbacks if needed.
Backup & Recovery
Data protection measures ensure business continuity:
- Automated daily backups with 30-day retention
- Point-in-time recovery capability for databases
- Geographically distributed backup storage
- Regular recovery testing
Maintenance Windows
Scheduled maintenance, when required, follows a predictable process:
- 1Advance notice provided (minimum 72 hours for planned maintenance)
- 2Maintenance scheduled during low-usage periods
- 3Status page updated with progress
- 4Completion notification sent to affected users