Once deployed, smart contract code becomes immutable, so you better get it right the first time. This is a very different setting to traditional software development where you can continuously release fixes and enhancements. Although, there are patterns for upgrading smart contracts, they are anything but trivial, and can come with their own flaws.
The following steps should be taken to minimize risk:
Make sure RAB has been completed for the contract you are deploying and all the contracts in its inheritance chain.
Create an issue titled "Deploy <SmartContract>".
Label it with the appropriate priority, appropriate status, and "maintenance" type.
Assign it to the team member tasked with deploying the contract.
Once that's done, the assignee does the following:
Creates a pull request titled "chore/deploy-<smart-contract>", that adds the latest commit hash of the
master branch and the soon to be contract address, separated by a "@" character (e.g.
[email protected]ea6d2637d90eeb5a7e6), to the contract's RAB pragma comment's deployments list, and closes the issue.
Labels it with the appropriate priority, appropriate status, and "maintenance" type.
Assigns himself and adds the whole review team as reviewers.
Concatenates all the necessary contract code into a single snippet or gist and posts it in the pull request.
Waits for everyone to check off on the code.
Gives the code a final read and deploys it using something like Remix or a CLI, before verifying the code on Etherscan.
Adds the contract address to the contract's RAB pragma comment if not already there, changes the status to the "review needed" status and waits for another team member to approve and merge.