ENFRES
Release ManagementDevOpsBest PracticesAdministration

Salesforce Release Management: From Sandbox to Production Without Surprises

Most Salesforce incidents are caused by deployments gone wrong. Here's the release management process we use to ship changes confidently — every time.

By Nuage9

Ask any seasoned Salesforce admin what keeps them up at night and the answer is usually the same: a production deployment that went sideways. A flow that worked perfectly in sandbox, a validation rule that nobody tested against existing data, a profile change that locked out half the sales team on a Monday morning.

These incidents aren’t caused by bad developers. They’re caused by the absence of a reliable process. Here’s the one we use.

The core principle: production is never the first place anything runs

Every change — no matter how small — follows the same path:

Developer Sandbox → Full Sandbox (UAT) → Production

“It’s just a picklist value” or “I’m only adding a field” are famous last words. The process doesn’t change based on perceived risk. The discipline of always following it is what makes it reliable.

Stage 1: Developer Sandbox

This is where you build and initially test. A few rules that save headaches later:

Name your changes clearly. A flow called Account_UpdateBillingAddress_v2_FINAL is a smell. Name it for what it does: Account — Sync Billing to Shipping. Your future self (and every admin after you) will thank you.

Write test classes before you think you need them. Salesforce requires 75% code coverage to deploy Apex to production. Teams that write tests only to hit this number end up with tests that assert nothing meaningful. Write tests that actually verify the logic — especially edge cases and error paths.

Document what you built and why. A two-line description field in the flow or a comment in the Apex class is enough. The goal is that someone new to the org can understand the intent without asking you.

Stage 2: Full Sandbox (UAT)

This is your closest approximation to production. A full sandbox has a copy of your production metadata and data — which means bugs that only surface with real data volumes and real field values will show up here, not in production.

UAT is not just QA — it’s a stakeholder sign-off. The business owner of the affected process should test it, not just the developer. They know the edge cases, the manual workarounds, the data states you didn’t think to test.

Run a deployment dry run before the real one. The Salesforce CLI lets you validate a deployment without actually executing it:

sf project deploy validate --source-dir force-app --target-org full-sandbox --test-level RunLocalTests

If validation passes, your actual deployment will almost certainly pass too. If it fails, you’ve just saved yourself from a failed production deployment.

Test with production-like data volumes. A flow that runs fine on 10 records can timeout on 10,000. If your UAT sandbox has been refreshed recently, it has production data — use it.

Stage 3: The Production Deployment

A few non-negotiables before you push the button:

Pick the right time

Deploy during low-traffic hours. For most North American businesses, that’s a weekday evening or early weekend morning — not 9 AM Monday. Check your org’s login history report to find the quietest windows.

Notify affected users

A 15-minute heads-up in Slack or email is the difference between a smooth cutover and a support ticket storm. Tell them what’s changing, when, and who to contact if something looks wrong.

Have a rollback plan

Before every deployment, answer this question: if something goes wrong, how do I undo this in under 15 minutes? For Apex, it’s disabling the class and re-deploying the previous version. For flows, it’s deactivating the new version and activating the previous one. For data changes, it’s your backup export. Write it down before you start.

Validate immediately after

Right after deploying, run a smoke test of the affected process with a real record. Don’t close your laptop until you’ve confirmed it works.

The Change Log

The step most teams skip: write down what you deployed.

It doesn’t have to be elaborate — a Notion page, a shared spreadsheet, even a Slack channel where every deployment gets a message:

2026-04-22 · Account billing sync Deployed: Flow Account — Sync Billing to Shipping, Apex class BillingAddressHandler Changed by: Nuage9 / Sacha Reason: Client request — ticket #4821 Rollback: Deactivate flow, no data changes

When something breaks two weeks later (and something always does), this log tells you exactly where to look.

The ROI of process

A proper release management process adds maybe 30 minutes to each deployment. In exchange, you get:

  • Near-zero production incidents from deployments
  • Faster debugging when something does break
  • Audit trail for security reviews and compliance
  • Ability to onboard new team members without fear

The orgs that “move fast” by skipping process spend three times as long cleaning up incidents. The ones that follow a consistent process ship faster in the long run because they’re never in crisis mode.

Want us to audit your current release process or set up CI/CD for your Salesforce org? Let’s talk.