The 'best approach' in a theory (coming from the perspective of k8s) would be GitOps: Cloud-native Continuous Deployment.Your question lack some important information, how are you doing your deployments right now ? Do you have some limitations in terms of security and auditability ?
Sharing my personal 2 cents, using GitOps with ArgoCD outsource and guarantees the continious-running of all of yourworkloads(pods as an example). Argo will take care for them, even if somebody deletes a pod, it will re-store the previous number of pods, essentially maintaining the desired vs real state. Another benefit is that you could really easily track your appps by version, commit, tag ... you could even roll-back(this works only under a specific circumstance). Going in an example,by simply changing the image inside a pod spec in a directory that Argo keeps track of it is enough for the new version to beroll out as safe as possibble.
In our case we have a separate service (it's just a repo with tags) that acts as a wrapper for all the services, once we have a new release we deploy under a pattern of a directory layout and Argo catches it, everything is re/deployed automatically. The UI is great and they even expose a REST API.
Now once you have Argo(or some other tool), you get additional efforts in tracking the releases of the tool, versions, backward-comptability, helm metadata support, security, access, password rotations, best way to drop Argo in the cluster ... but this is another story that comesnaturally, once you decide to go this path.