Home / Support / Hotfix Process

🔥 Emergency Hotfix Process

Step-by-step procedure for P0 and P0-PAYROLL incidents

When to Use: System down, data loss, security breach, payment processing broken, time-critical payroll issues. Do NOT use for issues with workarounds or single-client non-critical issues.
Tracking: All P0 bugs are logged in GitHub project: SEQ Bug Tracker with P0/P0-PAYROLL label.

On This Page

Phase 1: Detection & Escalation (0-1 hour)

1. Bug Reported

Via support, monitoring, or client. Support team logs P0 ticket immediately.

2. Initial Assessment (within 30 min)

Tech Lead validates severity, confirms P0 classification, identifies affected clients.

3. Team Mobilization (within 1 hour)

  • Developer assigned (most experienced with affected module)
  • QA engineer assigned for testing
  • DevOps on standby for deployment
  • Communication coordinator for client updates
P0-PAYROLL War Room: For time-critical payroll bugs, immediately convene virtual war room (video call) with all key stakeholders.

Phase 2: Investigation & Fix (1-4 hours)

4. Root Cause Analysis

Review error logs, monitoring data, recent deployments. Reproduce issue in dev/staging.

5. Fix Development

  • Create hotfix branch from production
  • Implement minimal fix (smallest possible change)
  • Add logging/monitoring if needed
  • Test thoroughly in local environment
  • Prepare rollback script if DB changes involved

6. Code Review (Expedited)

Create PR to production. Tag Tech Lead for urgent review. Focus on correctness and safety.

Phase 3: Testing (4-8 hours)

7. Staging Smoke Test (2-3 hours)

Deploy to staging. Developer smoke tests: specific bug, core related functionality, basic health.

8. UAT Critical Path Testing (2-4 hours)

Deploy to UAT. QA executes critical path test suite (NOT full regression):

  • Verify bug is fixed
  • Test critical user flows
  • Check no regression in core functionality

9. Go/No-Go Decision

Tech Lead + QA Lead review test results. Assess risk of deploying vs. not deploying.

Phase 4: Production Deployment (8-10 hours)

10. Pre-Deployment

  • Verify rollback plan ready
  • Notify stakeholders (support, client success, management)
  • Prepare release notes

11. Deployment Execution

  • Backup database (if schema changes)
  • Deploy hotfix to production
  • Run migrations (if any)
  • Verify deployment success
  • Tag release (e.g., v2.5.3-hotfix-1)

12. Post-Deployment Monitoring (2 hours minimum)

  • Monitor error logs in real-time
  • Check application performance
  • Verify bug is fixed in production
  • Team remains on standby for rollback

Phase 5: Post-Mortem (within 48 hours)

13. Back-Merge Hotfix

Merge production → UAT → staging → develop. Resolve conflicts. Delete hotfix branch.

14. RCA Meeting

Schedule within 24-48 hours. Document root cause, why not caught earlier, preventive measures.

15. Client Communication

Send status update, incident report (if requested), explain preventive measures.

See Root Cause Analysis process →

P0-PAYROLL Emergency Checklist

Use this immediately for time-critical payroll bugs with cutoff < 12 hours

CS / PC Support Team (0-15 min)

Note: #payroll-emergency is a dedicated channel for time-critical payroll issues only. Regular bugs go through #sequifi_support.

Tech Lead (15-30 min)

Developer (30 min - 2 hours)

QA Engineer (2-4 hours)

Temporary vs Permanent Fix Strategy

For P0/P0-PAYROLL bugs, use temporary fix approach when appropriate to unblock clients fast.

When to Use Temporary Fix

Temporary Fix Examples

Type Description
Bypass Skip problematic code path temporarily
Rollback Revert recent change causing issue
Configuration Change config to disable problematic feature
Workaround Alternative code path that works
Data fix Manual database update to unblock client
After Temporary Fix: Create separate issue for permanent fix, link both issues, schedule in next standard release with full regression testing.