Deployment environments
Fontana runs on more than one class of host. SOC 2-aligned control narratives and evidence collection apply to production-class deployments where regulated customer data lives. Integration and local environments support engineering velocity on hosts outside that scope.
Environment classes
Section titled “Environment classes”| Class | Typical use | Customer / regulated data | Change control |
|---|---|---|---|
| Production-class | Managed cloud production, customer VPC, dedicated self-hosted production | In scope | Pinned immutable releases, automatic pre-upgrade snapshots, GHCR-only artifacts on the host |
| Integration | Shared engineering box, pre-release validation | Out of scope for regulated workloads | Pre-release validation; may build from source on the host |
| Local | Developer laptop, *.localhost installs | Out of scope | Local integration testing and hybrid dev workflows |
What production-class means
Section titled “What production-class means”Production-class hosts share these properties:
- Immutable deploy artifacts only on the box: pre-built OCI images and a verified deploy bundle from your registry (typically GHCR). No monorepo checkout or build toolchain required to run tenants.
- Pinned upgrades via the Fontana CLI using immutable
sha-<git>release tags. - Automatic full-stack snapshot before each tenant upgrade, with rollback support.
- Cluster-per-tenant workspace isolation, per-workspace Vault, and WORM audit as documented in Security.
Managed cloud production and customer VPC deployments Fontana operates follow this model. Self-hosted customers can adopt the same pinned-release pattern on their own production hosts.
Integration and local (out of scope)
Section titled “Integration and local (out of scope)”Integration hosts may keep a source checkout for on-box builds and faster iteration. Local development may combine containerised platform services with live application dev servers.
Those environments help your team ship features. They do not replace production controls for:
- Supply chain integrity (pinned digest tags, bundle checksum verification)
- Formal change records (snapshot history, pinned release trail)
- Regulated data residency and audit evidence export
Related documentation
Section titled “Related documentation”- Supply chain - production artifact and upgrade controls
- SOC 2 control summary - questionnaire index and environment scope
- Vendor diligence FAQ - recurring procurement Q&A
- Deployment - cloud, self-hosted, and dedicated host models
- Fontana CLI - apply, upgrade, and rollback on the host