GitHub Actions CI/CD for Containerized BioTech Platform
Implemented GitHub Actions CI/CD for a containerized full-stack platform (Vue.js + FastAPI), supporting both per-service pipelines and a single workflow that deploys everything together.
Images are pushed to Amazon ECR with commit-SHA versioning (plus `latest`) so rollbacks are instant and traceable.
Deployments run via SSH to an EC2 host where Docker Compose manages the stack behind Nginx. The workflow includes pre-flight checks and post-deploy health validation (API health endpoint + frontend response).
Secrets stay out of code: runtime configuration is injected from GitHub encrypted secrets, while the frontend API URL is provided at build time.
What this covers
Dual Pipeline Architecture
Supports both independent service deploys and a unified full-stack deploy, depending on the release need.
Commit-Tracked Container Images
Every image tagged with commit SHA + latest for easy rollback and clean traceability.
SSH-Based Remote Orchestration
Deploys via hardened SSH steps (keys from secrets, known_hosts setup, fail-fast scripts) without extra agents.
Defensive Pre-Flight Checks
Validates deployment directories and compose files before touching running containers to avoid half-broken releases.
Post-Deployment Health Validation
Checks containers are up, verifies API health endpoint, and confirms frontend is being served correctly.
Nginx Reverse Proxy Integration
Ensures routing remains consistent after deploys; proxy rules stay stable while services update behind it.
Secret Injection Strategy
Backend secrets injected at deploy time; frontend uses build-time API URL — clean separation of concerns.