I think you're underestimating the complexity of our codebase. Aside from the usual blockers, we have hundreds of repos (our Staging feature for Enterprise allows customers to deploy our code on their own cadence) all tied together using pipelines.
We have our own custom release management software, which now doesn't work. Different repos have to go out at the same time so things don't break. Plus, we extensively use their review apps for code reviews, which we've lost access to.
Lastly, not everyone has access to deploy directly to Heroku, so not everyone would be able to 'git push heroku main'.
Could we fix all of this and get it working? Yeah. But we want to be focusing on building our product, which is why we pay Heroku a ton of money so we don't have to worry about this.
Sounds like you needed to start looking into migrating to a hosted k8s solution (AWS or whatever), which will probably be quicker than waiting for Heroku.
We were in the same position (although luckily far fewer repos than you!). It took a bit of fiddling, but in the end I found that it was actually quite easy to fix this by tacking on a force push to the main branch of the Heroku git repo at the end of our existing CI process (essentially treating Heroku git as a deploy API that happens to use the git protocol).
Don’t blame you for wanting to move, but you might find that approach helpful as a quick fix.
* It was automated. Now it requires someone to pay attention and do it. You need to check if CI passed, and pull, and be sure you pulled the version that passed CI (maybe someone pushed since then).
* Review apps, the only remaining Heroku "killer feature", do not work at all.
The fact that this has been broken for 2 weeks tells you everything you need to know about the state of their code base, and the resources Salesforce is willing to allocate to Heroku.
Has anyone switched to AWS App Runner? Curious how it went.
The codebase is sound. I would almost certainly expect that the reason for the slowness is the ability/diligence and paranoia levels the SFDC security teams have. They won't want to turn this back on until they are absolutely certain it's 100% again.
I’m pretty confident that if ‘putting it in the CI pipeline’ were a straightforward option for most people, they probably wouldn’t be paying Heroku to manage review apps. I’ve used Heroku review apps for years and have also written and taken over different custom deployment pipelines. Review apps have a million different ways to be a giant time and money sink if not planned and implemented properly.
This doesn't work if your Git repo is above a certain size. Some of our apps (fortunately not production) haven't been able to deploy since the incident.