This directory contains GitHub Actions workflows for the API modular monolith.

- Triggers: Pull requests, pushes to main
- Purpose: Comprehensive testing including linting, type checking, unit tests, and security scans
- Features:
  - ESLint validation with module separation rules
  - TypeScript compilation
  - MySQL integration tests
  - Code coverage reporting
  - Security vulnerability scanning

- Triggers: Push to main, manual dispatch
- Purpose: Deploy to demo environment with automatic database setup
- Features:
  - Automated deployment
  - Database migration and demo data setup
  - Health checks and endpoint validation
  - Slack notifications

- Triggers: Push to main, manual dispatch
- Purpose: Deploy to staging with comprehensive testing
- Features:
  - Integration testing
  - Performance monitoring
  - Security validation
  - Production-like environment testing

- Triggers: Release creation, manual dispatch with confirmation
- Purpose: Secure production deployment with safety checks
- Features:
  - Manual confirmation requirement
  - Pre-deployment validation
  - Smoke testing
  - Rollback procedures
  - Critical alert notifications

- Triggers: Manual dispatch only
- Purpose: Run database migrations on any environment
- Options:
  - Initialize all databases
  - Reset databases with fresh data
  - Migrate specific modules
  - Environment selection (demo/staging/prod)

- Triggers: Weekly schedule (Sundays), manual dispatch
- Purpose: Reset demo environment with fresh demo data
- Features:
  - Automated weekly cleanup
  - Database reset and re-initialization
  - Health verification

- Triggers: Weekly schedule (Mondays), manual dispatch
- Purpose: Automated dependency updates and security patches
- Features:
  - Minor and patch version updates
  - Security vulnerability fixes
  - Automated pull request creation
  - Testing validation

- Triggers: Every 15 minutes, manual dispatch
- Purpose: Continuous health monitoring of all environments
- Features:
  - API endpoint health checks
  - Database connectivity testing
  - Performance monitoring
  - Alert notifications for failures

- Demo - Automatic deployment from main branch
- Staging - Automatic deployment with testing
- Production - Protected environment with review requirements

- `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` (Production)
- `STAGING_AWS_ACCESS_KEY_ID` / `STAGING_AWS_SECRET_ACCESS_KEY` (Staging/Demo)
- `SLACK_WEBHOOK_URL` (Optional - for notifications)
- `SNYK_TOKEN` (Optional - for security scanning)

Database connection strings are managed via environment variables or AWS Parameter Store:
- `MEMBERSHIP_DB_URL`
- `ATTENDANCE_DB_URL`
- `CONTENT_DB_URL`
- `GIVING_DB_URL`
- `MESSAGING_DB_URL`
- `DOING_DB_URL`

- Secret scanning
- Dependency vulnerability checks
- Production deployment protection
- IAM role separation by environment
- Health checks every 15 minutes
- Performance monitoring
- Slack alerting
- Deployment status tracking
- Automated dependency updates
- Demo environment cleanup
- Database migration workflows
- Build artifact caching
- Multi-environment testing
- Integration test suites
- Smoke testing in production
- Database connectivity validation

```bash
# Deploy to specific environment
gh workflow run deploy-staging.yml

# Deploy to production with confirmation
gh workflow run deploy-prod.yml -f confirm_production="DEPLOY TO PRODUCTION"

# Initialize databases in staging
gh workflow run database-migration.yml -f environment=staging -f migration_type=init

# Reset demo databases
gh workflow run database-migration.yml -f environment=demo -f migration_type=reset

# Migrate specific module
gh workflow run database-migration.yml -f environment=staging -f migration_type=specific-module -f module=membership

# Check all environments
gh workflow run health-check.yml

# Check specific environment
gh workflow run health-check.yml -f environment=prod
```

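
The dispatch commands above pass free-form `-f` values into the workflows. As an added example (not taken from the project's workflow files), a step script can check those values against allowlists before any database is touched; the function names, the `ALL` sentinel and the module list inferred from the `*_DB_URL` names are assumptions.

```bash
#!/usr/bin/env bash
# Added example: allowlist validation for the workflow_dispatch inputs used above.
# Assumption: the workflow hands inputs to the script through `env:` or positional
# arguments instead of interpolating ${{ inputs.* }} into the script text.

# Module names are inferred from the *_DB_URL variables listed on this page.
ALLOWED_MODULES="membership attendance content giving messaging doing"

# in_list VALUE "a b c" -> returns 0 only if VALUE equals one of the words exactly.
in_list() {
  local needle=$1 item
  for item in $2; do
    [ "$item" = "$needle" ] && return 0
  done
  return 1
}

# validate_migration ENVIRONMENT MIGRATION_TYPE [MODULE]
# On success prints the DB URL variable name to use (or ALL) and returns 0.
# On failure prints a reason on stderr and returns 1.
validate_migration() {
  local environment=$1 migration_type=$2 module=${3:-}
  in_list "$environment" "demo staging prod" \
    || { echo "rejected environment" >&2; return 1; }
  in_list "$migration_type" "init reset specific-module" \
    || { echo "rejected migration_type" >&2; return 1; }
  if [ "$migration_type" = "specific-module" ]; then
    in_list "$module" "$ALLOWED_MODULES" \
      || { echo "rejected module" >&2; return 1; }
    # Building a variable name is safe here: module matched a fixed allowlist.
    printf '%s_DB_URL\n' "$(printf '%s' "$module" | tr '[:lower:]' '[:upper:]')"
  else
    [ -z "$module" ] \
      || { echo "module is only valid with specific-module" >&2; return 1; }
    echo "ALL"
  fi
}

# validate_prod_confirmation PHRASE -> returns 0 only on an exact match.
validate_prod_confirmation() {
  [ "$1" = "DEPLOY TO PRODUCTION" ]
}

# Constructed demo call using values from the commands above.
validate_migration staging specific-module membership   # prints MEMBERSHIP_DB_URL
```
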
- Deployment status (success/failure)
- Health check alerts
- Database operation notifications
- Security scan results
- Demo: https://api-demo.churchapps.org/health
- Staging: https://api-staging.churchapps.org/health
- Production: https://api.churchapps.org/health

- Feature Development
  - Create feature branch
  - Open pull request
  - CI workflow runs automatically
  - Merge after review and tests pass
- Staging Deployment
  - Push to main branch
  - Automatic deployment to staging
  - Integration tests run
  - Manual testing and validation
- Production Deployment
  - Create GitHub release
  - Production deployment workflow triggers
  - Smoke tests and health checks
  - Monitor for issues

- Check AWS credentials and permissions
- Verify serverless.yml configuration
- Review CloudWatch logs
- Check database connectivity
- Verify database setup in CI
- Check environment variable configuration
- Review test database connectivity
- Validate test data initialization
- Check API endpoint availability
- Verify database connections
- Review Lambda function logs
- Check security group configurations
- Review workflow logs in GitHub Actions tab
- Check CloudWatch logs for Lambda errors
- Monitor Slack channels for automated alerts
- Contact DevOps team for infrastructure issues
- Always test in staging first before production deployment
- Use manual confirmation for production deployments
- Monitor health checks after deployments
- Keep dependencies updated via automated PRs
- Review security scan results regularly
- Use environment-specific configurations
- Test database migrations in non-production first
For detailed setup instructions, see DEPLOYMENT_SETUP.md.