Your custom CI/CD pipeline includes:
- Automated Quality Checks: Linting, type checking, and code formatting
- Comprehensive Testing: Unit tests, integration tests, and E2E tests with Playwright
- Security Scanning: Trivy vulnerability scanning, dependency audits, and secret detection
- Multi-Environment Deployments: Development, Staging, and Production environments
- Performance Monitoring: Lighthouse audits and bundle size analysis
- Database Migrations: Automated migration execution post-deployment
- Health Checks: Post-deployment validation and monitoring
- Preview Deployments - Automatic PR preview environments
- Security Analysis - Daily security scans and CodeQL analysis
- Dependency Updates - Weekly automated dependency updates
- Rollback Capability - Automatic rollback on deployment failures
- Multi-stage Dockerfile for optimized builds
- Docker Compose for local development
- Container image building in CI/CD
- Health checks and monitoring
├── ci-cd-pipeline.yml # Main deployment pipeline
├── preview-deployment.yml # PR preview deployments
├── security-analysis.yml # Security and code quality
└── dependency-updates.yml # Automated updates
├── CI-CD-PIPELINE.md # Complete documentation
└── CI-CD-QUICK-REFERENCE.md # Quick reference guide
├── Dockerfile # Production container
├── .dockerignore # Docker ignore patterns
└── docker-compose.yml # Local development setup
┌─────────────┐
│ Code Push │
└──────┬──────┘
│
↓
┌─────────────────────────────────────┐
│ Setup & Cache Dependencies │
└──────┬──────────────────────────────┘
│
↓
┌─────────────────────────────────────┐
│ Parallel Execution │
├─────────────┬──────────┬────────────┤
│ Quality │ Security │ Tests │
│ Checks │ Scanning │ (Unit+E2E) │
└─────┬───────┴────┬─────┴──────┬─────┘
│ │ │
└────────────┴────────────┘
│
↓
┌─────────────────┐
│ Build │
└────────┬────────┘
│
↓
┌─────────────────────────┐
│ Environment Deployments │
├──────┬────────┬─────────┤
│ Dev │Staging │ Prod │
└──────┴────┬───┴─────────┘
│
↓
┌───────────────────────┐
│ Post-Deployment │
├──────┬────────┬───────┤
│ DB │Perf. │Health │
│Migrate│Audit │Checks │
└──────┴────────┴───────┘
Go to: Settings → Secrets and variables → Actions → New repository secret
Required Secrets:
VERCEL_TOKEN # Get from: https://vercel.com/account/tokens
VERCEL_ORG_ID # Found in Vercel project settings
VERCEL_PROJECT_ID # Found in Vercel project settings
PRODUCTION_DATABASE_URL # PostgreSQL connection stringOptional Secrets:
CLOUDFLARE_ZONE_ID # For DNS management
CLOUDFLARE_API_TOKEN # Cloudflare API token
DOCKER_USERNAME # Docker Hub username
DOCKER_PASSWORD # Docker Hub token- Go to Settings → Actions → General
- Set "Actions permissions" to: Allow all actions and reusable workflows
- Enable "Allow GitHub Actions to create and approve pull requests"
For main branch:
- Go to Settings → Branches
- Add rule for
main - Enable:
- ✅ Require status checks to pass
- ✅ Require branches to be up to date
- ✅ Status checks:
quality-check,test,build - ✅ Require pull request reviews
For develop branch:
- Same as above but without review requirement
Create environments:
- Go to Settings → Environments
- Create:
development,staging,production
For Production environment:
- ✅ Required reviewers: Add team members
- ✅ Wait timer: 5 minutes (optional)
- ✅ Deployment branches: Only
main
# Start all services
docker-compose up -d
# Start with database tools (pgAdmin)
docker-compose --profile tools up -d
# View logs
docker-compose logs -f app
# Stop services
docker-compose down
# Clean up volumes
docker-compose down -vAccess points:
- Application: http://localhost:3000
- PostgreSQL: localhost:5432
- Redis: localhost:6379
- PgAdmin: http://localhost:5050
git checkout develop
git pull
# Make changes
git add .
git commit -m "feat: add feature"
git push
# Automatically deploys to dev.tiqology.vercel.appgit checkout main
git merge develop
git push
# Deploys to staging → production (with approval)# Using GitHub CLI
gh workflow run ci-cd-pipeline.yml \
--ref main \
-f environment=production \
-f skip_tests=falsegit checkout -b feature/new-feature
# Make changes
git push origin feature/new-feature
# Open PR → automatic preview deployment# List recent runs
gh run list --workflow=ci-cd-pipeline.yml
# Watch current run
gh run watch
# View logs
gh run view <run-id> --log# Production
curl https://tiqology.vercel.app/api/health
# Development
curl https://dev.tiqology.vercel.app/api/health- View Lighthouse reports in GitHub Actions artifacts
- Check Vercel Analytics dashboard
- Review bundle size in build logs
Build Failure:
# Check locally first
pnpm install
pnpm buildTest Failure:
# Run tests locally
pnpm test
# Run specific test
pnpm test -- <test-file>Deployment Failure:
# Verify secrets
gh secret list
# Check Vercel status
vercel login
vercel ls✅ Automated: No manual deployment steps ✅ Fast: Parallel execution, ~18 minutes total ✅ Secure: Multiple security scanning layers ✅ Reliable: Comprehensive testing before deployment ✅ Monitored: Health checks and performance audits ✅ Recoverable: Automatic rollback on failures ✅ Documented: Extensive guides and references
- ✅ Configure GitHub secrets
- ✅ Enable GitHub Actions
- ✅ Set up branch protection
- ✅ Configure environments
- ✅ Make your first deployment
- ✅ Monitor and optimize
For issues or questions:
- 📖 Check the documentation
- 🐛 Open an issue
- 💬 Tag with
ci-cdlabel
Pipeline Version: 2.0
Last Updated: December 22, 2025
Status: ✅ Ready for Production