CI/CD & Environments
This guide covers the deployment pipeline, environment types, and automation workflows.
Environments
The monorepo supports three environment types:
| Type | Name Pattern | Purpose | Lifecycle |
|---|---|---|---|
| Production | production |
Live user-facing environment | Manual deploy via workflow_dispatch |
| Integration | integration |
Staging / continuous integration | Auto-deploys on merge to main |
| Ephemeral | pr0001–pr9999 |
Per-PR preview environments | Auto-created on PR, destroyed on close |
Environment Differences
| Aspect | Production | Integration | Ephemeral |
|---|---|---|---|
| DynamoDB removal | RETAIN | DESTROY | DESTROY |
| Log retention | 1 year | 2 weeks | 2 weeks |
| Lambda minification | Yes | No | No |
| Source maps | No | Yes | Yes |
| Self-signup | No | No | Yes |
| SSO sign-in | Yes | Yes | No |
| Assets bucket | Yes | Yes | No |
| Data seeding | — | — | Copied from integration |
| Docs publishing | Yes (canonical) | Yes (staging preview) | No |
CI/CD Workflows
Deployment Workflows
| Workflow | Trigger | Environment |
|---|---|---|
deploy-integration.yml |
Push to main |
integration |
deploy-production.yml |
Manual (workflow_dispatch) |
production |
deploy-ephemeral.yml |
PR opened/updated | ephemeral (per-PR) |
destroy-ephemeral.yml |
PR closed | Destroys ephemeral stack |
Verification Workflow (verify.yml)
Runs on every PR (ready for review / synchronize):
- Lint —
pnpm run check(lint + type-check across all workspaces) - Backend Tests —
pnpm run testin backend (with coverage) - JIRA Ticket Check — Validates PR title/branch naming
Deployment Pipeline (base-deploy.yml)
The reusable deployment workflow runs these jobs:
frontend-build ──┐
├──► frontend-upload
infrastructure ──┘
│
└──► publish-docs (production + integration only)
- frontend-build — Installs deps, builds Vite app, uploads artifact
- infrastructure — Deploys CDK stack (Lambda, API Gateway, DynamoDB, Cognito, CloudFront)
- frontend-upload — Downloads build artifact, syncs to S3, invalidates CloudFront
- publish-docs — Publishes Scalar documentation (production and integration only)
Docs Publishing: Documentation is published for production and integration only. Each environment has its own Scalar project and custom domain: production at
monorepo-starter-docs.wseng.rp.devfactory.com, integration atmonorepo-starter-docs-int.wseng.rp.devfactory.com. The API reference automatically points to the environment's own API, so reviewers can test endpoints directly from the docs. Ephemeral (PR) environments do not publish docs.
Post-Deploy Hooks
After CDK deployment, the post-deploy.hook.ts script:
- Publishes environment config JSON to S3 (used by frontend for environment switching)
- Seeds ephemeral environments (copies users and DynamoDB data from integration)
Note: Manual API calls can be made via the Scalar interactive docs (
/docs/viewer) or by running the auto-generated tests inapi-tests/.
Automation Workflows
| Workflow | Schedule | Purpose |
|---|---|---|
auto-update-branches.yml |
Every 30 min | Keeps feature branches up-to-date with main |
auto-release-accepted.yml |
Every 15 min | Auto-releases accepted PRs |
review-pr.yml |
On PR events | Automated PR review |
Deployment Flow (End-to-End)
A typical integration deployment follows this sequence:
- Developer merges a PR into
main deploy-integration.ymltriggers automatically- It calls
base-deploy.ymlwithenvironment: integration - frontend-build compiles the React app with Vite
- infrastructure runs
cdk deployvia the infra package - After CDK completes,
post-deploy.hook.tspublishes environment config to S3 - frontend-upload syncs the built assets to S3 and invalidates the CloudFront cache
- publish-docs generates and publishes Scalar documentation with the latest API spec
For PR environments, the same pipeline runs with environment: prNNNN and environment-type: ephemeral, but the publish-docs job is skipped (docs are only published for production and integration).
Managing Environments
Syncing Local .env from a Deployed Environment
# From the integration environment
pnpm script update-env --env integration
# From a specific PR environment
pnpm script update-env --pr 20
# Wait for a stack that is still deploying
pnpm script update-env --env integration --wait
Accessing Deployed Environments
| Environment | Frontend URL | API URL | Docs URL |
|---|---|---|---|
| Production | https://monorepo.wseng.rp.devfactory.com |
https://api-monorepo.wseng.rp.devfactory.com |
https://monorepo-starter-docs.wseng.rp.devfactory.com |
| Integration | https://monorepo-integration.wseng.rp.devfactory.com |
https://api-monorepo-integration.wseng.rp.devfactory.com |
https://monorepo-starter-docs-int.wseng.rp.devfactory.com |
| Ephemeral | PR-specific CloudFront URL | PR-specific API Gateway URL | — |
Ephemeral environment URLs are output by the deploy step and posted as a PR comment.