This document describes the CI/CD workflows and deployment processes for the EMCP project.
The EMCP project uses GitHub Actions for automated deployment to AWS EKS with a multi-environment setup. The CI/CD pipeline supports both automatic deployments triggered by branch pushes and manual deployments via GitHub UI.
File: .github/workflows/deploy-emcp.yml
This is the primary workflow that orchestrates all service deployments. It contains the following jobs:
- set-environment - Determines target environment based on branch or manual input
- check-changes - Identifies which services need deployment based on file changes
- deploy-redis - Deploys Redis cache service
- deploy-mongodb - Deploys MongoDB database service
- deploy-admin - Deploys admin service
- deploy-backend - Deploys backend API service
- deploy-frontend - Deploys frontend web application
- deployment-summary - Provides final deployment status report
- main branch → Production environment (
emcp-prod) - staging branch → Staging environment (
emcp-staging) - dev branch → Development environment (
emcp-dev)
- Environment selection: dev, staging, prod
- Service-specific deployment flags
- Special options like
check_redis_only
The pipeline includes intelligent change detection that only deploys services when relevant files are modified:
Monitored Paths:
charts/{service}/templates/**charts/{service}/Chart.yamlcharts/{service}/values.yamlcharts/{service}/environments/*.yaml.github/workflows/**
Change Detection Rules:
- For push events: Compares current commit with previous commit
- For manual dispatch: Uses input flags to determine deployments
- Only triggers deployment if specific service files are modified
Path: .github/actions/setup-eks/action.yml
Purpose: Configures AWS credentials, kubectl, and Helm for EKS deployment
Steps:
- Configure AWS credentials using
aws-actions/configure-aws-credentials@v2 - Update kubeconfig for EKS cluster connection
- Install Helm v3.12.0
- Create target namespace if it doesn't exist
Path: .github/actions/create-ecr-credentials/action.yml
Purpose: Creates Kubernetes secrets for ECR authentication
Process:
- Retrieve ECR login token using AWS CLI
- Create
docker-registrysecret in target namespace - Configure secret for ECR image pulling
Path: .github/actions/deploy-helm-chart/action.yml
Purpose: Intelligent Helm deployment with skip logic
Key Features:
- Smart Deployment Detection: Checks if service already exists with correct image
- Resource Type Handling: Supports both StatefulSets and Deployments
- Error Recovery: Handles Helm timeout issues with actual pod status verification
- Deployment Verification: Post-deployment rollout status checking
Deployment Logic Flow:
- Check if service already exists in namespace
- Determine resource type (StatefulSet vs Deployment)
- Verify current pod status and image version
- Skip deployment if correct image is already running
- Execute Helm upgrade/install if needed
- Handle Helm timeouts gracefully
- Verify final deployment status
Each service has its own reusable workflow:
deploy-admin.yml- Admin service deploymentdeploy-backend.yml- Backend API deploymentdeploy-frontend.yml- Frontend application deploymentdeploy-mongodb.yml- MongoDB database deploymentdeploy-redis.yml- Redis cache deployment
Each service workflow follows this pattern:
-
Environment Setup
- Checkout code
- Setup EKS connection
- Create ECR credentials
-
Image Tag Resolution
- Map environment to image tag (dev/staging/prod)
- Construct full ECR image path
-
Configuration Setup
- Determine logging settings based on environment
- Set environment-specific configurations
-
Deployment Execution
- Use
deploy-helm-chartaction - Apply environment-specific values files
- Set dynamic Helm values
- Use
-
Status Reporting
- Report deployment status
- Show pod details and service status
Services are deployed in a specific order to respect dependencies: