Over the years, as Drupal has evolved, the upgrade process has become a bit more involved; as with most web applications, Drupal’s increasing complexity extends to deployment, and whether you end up running Drupal on a VPS, a bare metal server, in Docker containers, or in a Kubernetes cluster, you should formalize an update process to make sure upgrades are as close to non-events as possible.
Gone are the days (at least for most sites) where you could just download a ‘tarball’ (.tar.gz) from Drupal.org, expand it, then upload it via SFTP to a server and run Drupal’s update.php. That workflow (and even a workflow like drush up of old) might still work for some sites, but it is fragile and prone to cause issues whether you notice them or not. Plus if you’re using Drush to do this, it’s no longer supported in modern versions of Drush!
So without further ado, here is the process I’ve settled on for all the Drupal 8 sites I currently manage (note that I’ve converted all my non-Composer Drupal codebases to Composer at this point):