CI/CD Pipeline to
AWS — How This Portfolio Ships
Every commit to this portfolio triggers a fully automated pipeline — build, test, push to ECR, deploy to EKS. Zero manual steps. Bootstrapped with a Backstage golden path template.
From Commit to Production
Source
Code push triggers pipeline via webhook. Branch protection rules enforce PR reviews before merge to main.
Build
Docker image built, tagged with commit SHA. Multi-stage Dockerfile keeps images lean and secure.
Test
Unit tests, integration tests, and security scans (Trivy) run in parallel. Pipeline fails fast on any issue.
Push
Signed image pushed to private ECR registry. Image digest tracked for immutable deployments.
Deploy
Helm chart updated with new image tag. Rolling deployment with health checks and automatic rollback on failure.
Verify
Post-deploy smoke tests hit production endpoints. Slack notification sent on success or failure.
Bootstrapped with a Golden Path
Backstage CI/CD Template
Internal Developer PlatformThe CI/CD pipeline for this portfolio is bootstrapped using a golden path template from the Internal Developer Platform built with Backstage. The template pre-wires GitHub Actions workflows, Dockerfile conventions, Helm chart scaffolding, and ECR push configuration — so new services get a production-ready pipeline in minutes, not days.
View IDP Backstage Project- GitHub Actions workflow pre-configured with OIDC auth to AWS
- Helm chart scaffold with sensible defaults for EKS deployments
- ECR repository auto-created via Terraform module
- Branch protection and PR checks enforced by template
- Slack notifications wired out of the box