5.git
Rename&workflows
  • main-old validation in legacy workflow
  • main validation in AWS workflow

So now follow this exact execution sequence.


PHASE 1 — COMMIT WORKFLOW CHANGES FIRST

VERY IMPORTANT.

Before renaming branches, commit the legacy workflow changes on the current branch (the old main branch):

git checkout main
 
git add .github/workflows/
git commit -m "updated legacy workflow to use main-old"
git push origin main

This ensures old workflow already knows about main-old.


PHASE 2 — BACKUP CURRENT MAIN

git checkout main
git pull origin main
 
git push origin main:backup-main-before-rename

Verify in GitHub:

backup-main-before-rename

exists.


PHASE 3 — RENAME OLD MAIN → MAIN-OLD

git branch -m main main-old
git push origin main-old

PHASE 4 — CHANGE DEFAULT BRANCH TEMPORARILY

Go to:

GitHub → Settings → Branches

Change default branch:

main → main-old

PHASE 5 — DELETE OLD REMOTE MAIN

git push origin --delete main

PHASE 6 — MOVE TO AWS BRANCH

Now:

git checkout aws_production_velocis
git pull origin aws_production_velocis

PHASE 7 — COMMIT AWS WORKFLOW CHANGES

Your AWS workflow now validates against main.

Commit that BEFORE rename.

git add .github/workflows/
git commit -m "updated eks workflow to use main branch"
git push origin aws_production_velocis

PHASE 8 — RENAME AWS BRANCH → MAIN

git branch -m main
git push origin main

PHASE 9 — CHANGE DEFAULT BRANCH TO NEW MAIN

Go again:

GitHub → Settings → Branches

Set:

main

as default.


PHASE 10 — TEST WORKFLOW SAFELY

DO NOT test production first.


TEST STAGING FIRST

Use staging branch:

velocis-aws_staging

Create test tag:

git checkout velocis-aws_staging
 
git tag dev-test-1
git push origin dev-test-1

Verify:

  • workflow starts
  • docker builds
  • helm deploys
  • pods healthy

PHASE 11 — TEST NEW MAIN PRODUCTION VALIDATION

Now test ONLY validation.

DO NOT deploy real prod first.

Create temporary prod tag:

git checkout main
 
git tag prod-validation-test
git push origin prod-validation-test

Expected:

  • workflow starts
  • validation passes
  • deployment starts

If you want safer testing:

temporarily add:

workflow_dispatch:

and manually run workflow.


PHASE 12 — VERIFY BRANCH VALIDATION WORKS

Critical test:

Try creating prod tag from WRONG branch.

Example:

git checkout velocis-aws_staging
 
git tag prod-should-fail
git push origin prod-should-fail

Expected:

❌ Error: Tag must point to a commit in the 'main' branch

If this fails correctly → validation works.
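
One way to implement the branch check this phase exercises, as an added example (not the workflow's own code). The function names, the `--demo` switch and the throwaway repository are constructed for illustration; in CI the branch ref would be `origin/main`.

```bash
#!/usr/bin/env bash
# Added example: verify that a release tag points at a commit reachable from
# the production branch before anything is deployed.
# Assumption: CI checks the repo out with full history (for actions/checkout,
# fetch-depth: 0); a shallow clone cannot answer an ancestry question.

# tag_on_branch TAG BRANCH_REF   (run inside the repository)
# Returns 0 if TAG's commit is an ancestor of (or equal to) BRANCH_REF,
# 1 if it is not, 2 if either ref cannot be resolved.
tag_on_branch() {
  # ^{commit} peels an annotated tag down to the commit it points to.
  _commit=$(git rev-parse --verify --quiet "refs/tags/$1^{commit}") || return 2
  git rev-parse --verify --quiet "$2^{commit}" >/dev/null || return 2
  if git merge-base --is-ancestor "$_commit" "$2"; then
    return 0
  fi
  # Any other outcome (not an ancestor, or a git error) fails closed.
  echo "Error: Tag must point to a commit in the '${2#origin/}' branch" >&2
  return 1
}

# make_demo_repo DIR: builds a constructed throwaway repo for the demo.
#   prod-ok, prod-annotated -> commit on main
#   prod-should-fail        -> commit that exists only on velocis-aws_staging
make_demo_repo() {
  _dir=$1
  _g() { git -C "$_dir" -c user.name=demo -c user.email=demo@example.invalid "$@"; }
  git init -q "$_dir" &&
  _g symbolic-ref HEAD refs/heads/main &&
  _g commit -q --allow-empty -m "release commit on main" &&
  _g tag prod-ok &&
  _g tag -a -m "annotated release tag" prod-annotated &&
  _g checkout -q -b velocis-aws_staging &&
  _g commit -q --allow-empty -m "staging-only commit" &&
  _g tag prod-should-fail
}

# Demo: run with --demo to see both outcomes on the constructed repo.
if [ "${1:-}" = "--demo" ]; then
  repo=$(mktemp -d) && make_demo_repo "$repo" && cd "$repo" || exit 1
  tag_on_branch prod-ok main && echo "prod-ok: allowed"
  tag_on_branch prod-should-fail main || echo "prod-should-fail: rejected"
fi
```
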


IMPORTANT ISSUE IN YOUR CURRENT YAML

You currently have an indentation issue here in the AWS workflow:

BAD:

- name: Clean previous logs
    run:

Correct:

- name: Clean previous logs
  run: rm -rf /opt/runner-eshopbox-org/_diag/pages/*
  continue-on-error: true

You have this issue in BOTH:

  • staging
  • production

Fix BEFORE testing.

Otherwise the workflow YAML may fail to parse.


PHASE 13 — DELETE OLD AWS BRANCH

ONLY after everything works:

git push origin --delete aws_production_velocis

FINAL BRANCH STRUCTURE

Branch                       Purpose
main                         AWS Production
velocis-aws_staging          AWS Staging
main-old                     Legacy GCP rollback
backup-main-before-rename    emergency backup

RECOMMENDED NEXT IMPROVEMENTS

After migration stabilizes:

Add PR workflow

.github/workflows/pr-validation.yml

Add:

  • mvn test
  • docker build
  • helm lint
  • trivy scan

Add branch protection

Protect:

  • main
  • velocis-aws_staging

Require:

  • PR
  • approvals
  • successful checks

Add production approval

GitHub:

Settings → Environments → aws-production

Enable:

Required reviewers

This prevents accidental production deploys.