diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml index 06d55e5f1d..44b9b93dc0 100644 --- a/.github/workflows/cd.yaml +++ b/.github/workflows/cd.yaml @@ -269,7 +269,7 @@ jobs: pull-requests: write secrets: inherit - terraform-env-dev: + terraform_env_dev: name: Environment (dev) if: ${{ always() && !cancelled() && !failure() && (needs.orchestrator.outputs.should-apply-environment-terraform || needs.docker.result == 'success' || needs.cdn.result == 'success') }} concurrency: @@ -295,15 +295,26 @@ jobs: pull-requests: write secrets: inherit - terraform-env-int: + test-dev: + name: Run Tests on DEV + needs: + - terraform_env_dev + runs-on: ubuntu-latest + steps: + - name: Run E2E Smoke Test on DEV + uses: dvsa/vol-functional-tests/.github/workflows/e2eSmoke.yaml@main + with: + platform_env: dev + + terraform_env_int: name: Environment (int) - if: ${{ always() && !cancelled() && !failure() && needs.terraform-env-dev.result == 'success' }} + if: ${{ always() && !cancelled() && !failure() && needs.terraform_env_dev.result == 'success' }} concurrency: group: terraform-environment-int needs: - get-version - orchestrator - - terraform-env-dev + - terraform_env_dev uses: ./.github/workflows/deploy-environment.yaml with: environment: int 
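Review bot: The `Run E2E Smoke Test on DEV` step in the new `test-dev` job points `uses:` at `dvsa/vol-functional-tests/.github/workflows/e2eSmoke.yaml@main`, which is a reusable workflow file, and reusable workflows can only be called from `jobs.<job_id>.uses`. A calling job cannot carry `runs-on` or `steps`, so as written the step will not resolve as an action and the smoke test will not run. Drop `runs-on`/`steps` and put `uses: dvsa/vol-functional-tests/.github/workflows/e2eSmoke.yaml@<full-commit-sha>` with its `with:` directly under `needs:`; pinning to a commit SHA rather than `@main` keeps a later push to that repository from changing what runs inside the CD pipeline. `test_int` in the next hunk has the same two problems. Separately, the id `test-dev` goes against the underscore naming this commit introduces, and `terraform_env_int` does not list it under `needs`, so a failed DEV smoke test would not hold back the INT deployment; confirm that is intended.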
@@ -319,6 +330,49 @@ jobs: pull-requests: write secrets: inherit + test_int: + name: Run Tests on INT + needs: + - terraform_env_int + runs-on: ubuntu-latest + steps: + - name: Run E2E Smoke Test on INT + uses: dvsa/vol-functional-tests/.github/workflows/e2eSmoke.yaml@main + with: + platform_env: int + + rollback_int: + name: Rollback INT Deployment + if: ${{ needs.test_int.result == 'failure' }} + needs: + - test_int + - terraform_env_int + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Setup Terraform + uses: hashicorp/setup-terraform@v3 + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ vars.ENV_int_TF_OIDC_ROLE }} + aws-region: ${{ vars.ENV_int_TF_AWS_REGION }} + - name: Terraform Init + run: terraform init -no-color -input=false + working-directory: infra/terraform/environments/int + - name: Plan Rollback + run: | + terraform plan -no-color -input=false -out=tfplan \ + -var "api_image_tag=${{ needs.terraform_env_int.outputs.previous_api_image_tag }}" \ + -var "cli_image_tag=${{ needs.terraform_env_int.outputs.previous_cli_image_tag }}" \ + -var "selfserve_image_tag=${{ needs.terraform_env_int.outputs.previous_selfserve_image_tag }}" \ + -var "internal_image_tag=${{ needs.terraform_env_int.outputs.previous_internal_image_tag }}" \ + -var "assets_version=${{ needs.terraform_env_int.outputs.previous_assets_version }}" + working-directory: infra/terraform/environments/int + - name: Apply Rollback + run: terraform apply -no-color -input=false -auto-approve tfplan + working-directory: infra/terraform/environments/int + terraform-account-prod: name: Account (prod) if: ${{ always() && !cancelled() && !failure() && needs.release-please.outputs.release_created }} @@ -327,7 +381,8 @@ jobs: needs: - release-please - orchestrator - - terraform-env-int + - terraform_env_int + - test_int uses: ./.github/workflows/deploy-account.yaml with: account: prod 
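Review bot: `rollback_int` will be skipped in exactly the case it exists for, because its `if: ${{ needs.test_int.result == 'failure' }}` contains no status function, so the implicit `success()` is applied and evaluates false once `test_int` has failed; `if: ${{ always() && needs.test_int.result == 'failure' }}` lets the job run. The `Plan Rollback` step also splices the `${{ needs.terraform_env_int.outputs.previous_* }}` expressions into the script text before the shell parses it, so a value containing a quote or `$(` would alter the command that runs under the assumed INT role; passing the values through `env:` and expanding them as quoted shell variables avoids that, as in the excerpt below. The job declares no `permissions` block, and `aws-actions/configure-aws-credentials` with `role-to-assume` needs `id-token: write`; whether a workflow-level grant covers it is not visible in this hunk. The third-party actions here are referenced by tag (`@v4`, `@v3`), and pinning them to commit SHAs would be consistent with a job that applies infrastructure changes.

```yaml
      # … unchanged: checkout, Setup Terraform, Configure AWS Credentials, Terraform Init …
      - name: Plan Rollback
        env:
          PREV_API_IMAGE_TAG: ${{ needs.terraform_env_int.outputs.previous_api_image_tag }}
          PREV_CLI_IMAGE_TAG: ${{ needs.terraform_env_int.outputs.previous_cli_image_tag }}
          PREV_SELFSERVE_IMAGE_TAG: ${{ needs.terraform_env_int.outputs.previous_selfserve_image_tag }}
          PREV_INTERNAL_IMAGE_TAG: ${{ needs.terraform_env_int.outputs.previous_internal_image_tag }}
          PREV_ASSETS_VERSION: ${{ needs.terraform_env_int.outputs.previous_assets_version }}
        run: |
          terraform plan -no-color -input=false -out=tfplan \
            -var "api_image_tag=${PREV_API_IMAGE_TAG}" \
            -var "cli_image_tag=${PREV_CLI_IMAGE_TAG}" \
            -var "selfserve_image_tag=${PREV_SELFSERVE_IMAGE_TAG}" \
            -var "internal_image_tag=${PREV_INTERNAL_IMAGE_TAG}" \
            -var "assets_version=${PREV_ASSETS_VERSION}"
        working-directory: infra/terraform/environments/int
      # … unchanged: Apply Rollback …
```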
@@ -338,7 +393,7 @@ jobs: pull-requests: write secrets: inherit - terraform-env-prep: + terraform_env_prep: name: Environment (prep) if: ${{ always() && !cancelled() && !failure() && needs.release-please.outputs.release_created }} concurrency: @@ -363,7 +418,7 @@ jobs: pull-requests: write secrets: inherit - terraform-env-prod: + terraform_env_prod: name: Environment (prod) if: ${{ always() && !cancelled() && !failure() && needs.release-please.outputs.release_created }} concurrency: @@ -372,7 +427,7 @@ jobs: - release-please - get-version - orchestrator - - terraform-env-prep + - terraform_env_prep uses: ./.github/workflows/deploy-environment.yaml with: environment: prod diff --git a/.github/workflows/deploy-environment.yaml b/.github/workflows/deploy-environment.yaml index 0cffcb61b2..650c976ea7 100644 --- a/.github/workflows/deploy-environment.yaml +++ b/.github/workflows/deploy-environment.yaml @@ -84,6 +84,21 @@ on: terraform-output: description: "Terraform output" value: ${{ jobs.deploy.outputs.terraform-output }} + previous_api_image_tag: + description: "Previous API image tag" + value: ${{ jobs.deploy.outputs.previous_api_image_tag }} + previous_cli_image_tag: + description: "Previous CLI image tag" + value: ${{ jobs.deploy.outputs.previous_cli_image_tag }} + previous_selfserve_image_tag: + description: "Previous Selfserve image tag" + value: ${{ jobs.deploy.outputs.previous_selfserve_image_tag }} + previous_internal_image_tag: + description: "Previous Internal image tag" + value: ${{ jobs.deploy.outputs.previous_internal_image_tag }} + previous_assets_version: + description: "Previous Assets version" + value: ${{ jobs.deploy.outputs.previous_assets_version }} permissions: contents: read 
@@ -104,6 +119,11 @@ jobs: name: ${{ (inputs.apply && !inputs.destroy) && (inputs.workspace || inputs.environment) || null }} outputs: terraform-output: ${{ steps.terraform-output.outputs.json }} + previous_api_image_tag: ${{ steps.get_current_versions.outputs.api_image_tag }} + previous_cli_image_tag: ${{ steps.get_current_versions.outputs.cli_image_tag }} + previous_selfserve_image_tag: ${{ steps.get_current_versions.outputs.selfserve_image_tag }} + previous_internal_image_tag: ${{ steps.get_current_versions.outputs.internal_image_tag }} + previous_assets_version: ${{ steps.get_current_versions.outputs.assets_version }} env: WORKING_DIR: infra/terraform/environments/${{ inputs.environment }} AWS_OIDC_ROLE: ${{ vars[format('ENV_{0}_TF_OIDC{1}_ROLE', inputs.environment, (inputs.apply && '' || '_READONLY'))] || (inputs.apply && vars.TF_OIDC_ROLE || vars.TF_OIDC_READONLY_ROLE) }} @@ -252,6 +272,16 @@ jobs: }) } + - name: Get Current Versions from Terraform State + id: get_current_versions + run: | + terraform output -json > outputs.json + echo "api_image_tag=$(jq -r '.api_image_tag.value' outputs.json)" >> $GITHUB_OUTPUT + echo "cli_image_tag=$(jq -r '.cli_image_tag.value' outputs.json)" >> $GITHUB_OUTPUT + echo "selfserve_image_tag=$(jq -r '.selfserve_image_tag.value' outputs.json)" >> $GITHUB_OUTPUT + echo "internal_image_tag=$(jq -r '.internal_image_tag.value' outputs.json)" >> $GITHUB_OUTPUT + echo "assets_version=$(jq -r '.assets_version.value' outputs.json)" >> $GITHUB_OUTPUT + - name: Apply id: apply if: ${{ inputs.apply }}
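Review bot: `jq -r '.api_image_tag.value'` in the new `Get Current Versions from Terraform State` step prints the literal string `null` when the state has no such output (a first deployment, or an environment that does not export it), and `rollback_int` in cd.yaml would then plan with `api_image_tag=null`. Writing the five filters as `jq -r '.api_image_tag.value // empty'` and having the rollback refuse to run on an empty value would make that case explicit instead of deploying a non-existent tag. The redirect target should be quoted, `>> "$GITHUB_OUTPUT"`. A comment above the step would help, for example `# Must run before Apply: records the versions currently deployed so a failed smoke test can roll back to them.`, since the ordering is the only thing that makes these values "previous". The step sets no `working-directory`; presumably a job-level default points at `WORKING_DIR`, but that is outside the hunk.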