CI/CD Pipeline
GitHub Actions · ECS · Kubernetes · Terraform
① Source Control
📁
GitHub Repo
Mono-repo: backend + mobile
main · develop · feature/*
🔍
Pull Request
Branch → develop or main
Protected · Review required
② Continuous Integration (ci.yml)
🔍
Lint + Type Check
ESLint SARIF · TypeScript tsc
ESLint · tsc --noEmit
🧪
Tests
Jest · Postgres + Redis services
Jest · Coverage · Codecov
🐳
Docker Build
Multi-arch · GHCR push · Layer cache
amd64 · arm64 · BuildKit
🔒
Security Scan
Trivy CVE · npm audit · OWASP
Trivy · SARIF · OWASP
③ Deploy to Staging — develop branch (deploy-staging.yml)
🐘
DB Migrations
Run via Docker against staging DB
pg-migrate · Zero-downtime
🚀
ECS Deploy
Rolling update · Fargate
ECS · Fargate · Rolling
💚
Health Check
5 retries · /api/health · Smoke tests
HTTP 200 · Smoke · Auto-rollback
④ Deploy to Production — main branch · Approval required (deploy-production.yml)
👤
Approval Gate
GitHub Environment: production
Required reviewer sign-off
Manual Gate · Env Protection
📸
Snapshot
Save current task def for rollback
ECS task ARN · Auto-rollback
🔵
Blue/Green Deploy
CodeDeploy · Zero downtime
CodeDeploy · ECS · 0-downtime
Verify + Tag
Health · Smoke tests · GitHub Release
5 retries · Rollback on fail · Slack
Pipeline Overview
CI Tool: GitHub Actions
Registry: GHCR (ghcr.io)
Deploy: AWS ECS Fargate
IaC: Terraform 1.7+
Orchestration: Kubernetes (EKS)
Mobile: EAS Build + Submit
Branch Strategy
feature/* → develop
↳ CI + staging deploy
develop → main
↳ CI + approval + production
main → v*.*.* tag
↳ GitHub Release
Estimated Pipeline Times
Lint + Test: ~3 min
Docker Build: ~4 min (cached)
Security Scan: ~2 min
Staging Deploy: ~5 min
Prod Deploy: ~8 min
EAS Mobile: ~15 min