Skip to content


Repository files navigation


Connecting to a Database (MongoDB)

Remote Database

  1. Go to the MongoDB Atlas web console and add you IP address to the Network Access List.
  2. Verify that the MONGODB_URI env var in /server/.env has the format

You can get the /server/.env file using the secret manager.

Local Database

A MongoDB replicaset is required to use MongoDB sessions. Install and use run-rs to run a MongoDB replicaset locally.

The MONGODB_URI env var should have the format


Non-Windows users can have a MONGODB_URI env var in the format


Secret Manager

Run the following commands from the repo root:

To populate local environment files with secrets from secr\et manager: vault kv get -format=json kv/pregnancy-centre | python

To update the secrets inside secret manager using local environment files: vault kv put kv/pregnancy-centre CLIENT_ENV_VARS=@client/.env CLIENT_ENV_PROD_VARS=@client/ CLIENT_ENV_STAGING_VARS=@client/.env.staging SERVER_ENV_VARS=@server/.env SERVER_ENV_PROD_VARS=@server/ SERVER_ENV_STAGING_VARS=@server/.env.staging

Helpful secret manager setup guide:

~ For Windows users ~

  • Having python 3 is a prerequisite, but you might have to use python instead of python3 (this will depend on the user/OS)
  • For Windows 10 users, make sure to run cmd/powershell as admin
  • Running with Git Bash also works

Automated Deployment


If you're working on feature-branch and you want to deploy your changes to staging, then do the following:

  1. Checkout the staging branch.
git checkout staging
  1. Set the HEAD of staging to the same commit as the HEAD of feature-branch
git checkout staging
git reset --hard feature-branch
git push -f origin staging
  1. CircleCI will automatically deploy any commits in the staging branch. Go here to watch the deployment jobs. If the client and server deployment jobs complete successfully, then proceed.
  2. To see the staging website, go here.

Manual Deployment

Get all the dev, staging, and prod .env files for server and client from the secret manager.

Diagram of deployment architecture



  1. Delete the old client/build folder
  2. Ensure client/.env files contain the appropriate credentials. If you are deploying to prod, rename client/ to client/.env.
  3. Go to /client. Then run
npm run build
./node_modules/.bin/firebase use <ENV>
./node_modules/.bin/firebase deploy --only hosting

<ENV> is either prod or staging.

Before building, ensure your .env has the correct values for production.



  1. Go to /server.
  2. Ensure your .env has the correct values for production.
  • We must have NODE_ENV=production or else all requests will be unauthenticated and graphql errors will include a stacktrace.
  1. Remove .env from server/.gitignore (or else the build will fail.)
  2. Configure the gcloud project
gcloud config set project <PROJECT_ID>
  1. Build Docker image and push to Google container registry. The name of the image is<PROJECT_ID>/tpc-server.
gcloud builds submit --tag<PROJECT_ID>/tpc-server
  • <PROJECT_ID> is bp-pregnancy-centre or bp-pregnancy-centre-staging
  1. Add .env back to server/.gitignore. (Be safe, don't leak secrets!)
  2. Deploy built container using Google Cloud Run (if the service tpc-server already exists, a revision will be deployed). More info here.
gcloud beta run deploy tpc-server \<PROJECT_ID>/tpc-server \
   --vpc-connector=tcp-server-connector \
   --vpc-egress=all \
   --platform=managed \
   --region=us-east1 \
   --min-instances 1

Set up static outbound IP

  1. Configure the gcloud project
gcloud config set project <PROJECT_ID>
  1. Run the following commands:
gcloud compute networks subnets create tpc-subnet --range= --network=default --region=us-east1

gcloud beta compute networks vpc-access connectors create tcp-server-connector \
  --region=us-east1 \
  --subnet-project=<PROJECT_ID> \

gcloud compute routers create tpc-server-router \
  --network=default \

gcloud compute addresses create tpc-server-outbound-ip --region=us-east1

gcloud compute routers nats create tpc-server-nat \
  --router=tpc-server-router \
  --region=us-east1 \
  --nat-custom-subnet-ip-ranges=tpc-subnet \

gcloud beta run deploy tpc-server \<PROJECT_ID>/tpc-server \
   --vpc-connector=tcp-server-connector \
   --vpc-egress=all \
   --platform=managed \
   --region=us-east1 \
   --min-instances 1
  1. Go to VPC Network in GCP console to find outbound static IP. Add the static IP to the MongoDB Atlas Newtork Access List.