Skip to content

ci: add Docker CI/CD pipeline and deployment automation #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
victorbruce merged 3 commits into from
Dec 21, 2025
Merged

ci: add Docker CI/CD pipeline and deployment automation #7

victorbruce merged 3 commits into from
Dec 21, 2025

Conversation

@victorbruce
Copy link
Owner

@victorbruce victorbruce commented Dec 21, 2025
edited
Loading

🎯 What This PR Does

Adds Docker CI/CD pipeline with automated deployment to Render.

βœ… Changes Included

Docker CI Pipeline

  • Build and test Docker images (development + production)
  • Container startup validation
  • Nginx configuration testing
  • Security vulnerability scanning with Trivy
  • Push images to GitHub Container Registry

Deployment Automation

  • Automated deployment to Render on main branch merges
  • Deploy hook integration via GitHub Secrets
  • Post-deployment verification checks

Branch Protection

  • Enabled branch protection rules for main
  • Require PR reviews before merge
  • Require all CI checks to pass
  • Require branches to be up to date

πŸ”§ Configuration Required

  1. GitHub Secret: Add RENDER_DEPLOY_HOOK_URL from Render dashboard
  2. Render Service: Web service configured with Docker environment
  3. Update URL: Replace your-app.onrender.com in deploy-render.yml with actual Render URL

πŸš€ Deployment Flow

Push to main β†’ Docker CI builds image β†’ Pushes to GHCR β†’ Triggers Render deployment β†’ Live βœ…

βœ… Testing Done

  • Docker builds successfully locally
  • Containers start and serve content
  • CI pipeline passes on PR
  • Branch protection rules active
  • Ready for Render integration

πŸ“ Next Steps After Merge

  1. Add RENDER_DEPLOY_HOOK_URL secret to GitHub
  2. Update Render URL in workflow file
  3. Push to main to trigger first automated deployment

⚠️ Note on Deployment

The deployment workflow is included but disabled (push trigger commented out).

To enable after merge:

  1. Configure Render service
  2. Add RENDER_DEPLOY_HOOK_URL secret
  3. Update Render URL in workflow
  4. Uncomment push trigger in deploy-render.yml
  5. Push to main to activate

This allows safe merge without premature deployment attempts.

Deployed app will be live at: https://[your-service].onrender.com

@victorbruce victorbruce self-assigned this Dec 21, 2025
@victorbruce victorbruce added the enhancement New feature or request label Dec 21, 2025
@github-advanced-security
Copy link

github-advanced-security bot commented Dec 21, 2025

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@victorbruce victorbruce merged commit 7b0ec83 into dev Dec 21, 2025
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@victorbruce victorbruce

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@victorbruce