Applications are deployed automatically through GitHub Actions. The full pipeline:
```text
Developer Push
      │
      ▼
GitHub Actions
      │
      ├── Run Tests
      ├── Build Docker Image
      ├── SSH into Server
      ├── Deploy Containers
      ├── Run Database Migrations (inside container)
      ├── Health Check
      └── Enable Traffic
```
Every repository includes a deployment workflow at .github/workflows/deploy.yml.
Typical steps:
- Checkout repository
- Run tests
- Build Docker image
- SSH into server
- Pull latest code
- Restart containers
- Run health checks
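
One way to write this workflow for the `main` branch, as an added example rather than the platform's own file. The secret names (`DEPLOY_SSH_KEY`, `DEPLOY_KNOWN_HOSTS`, `DEPLOY_TARGET`), the `make test` command and the `/srv/app` path are assumptions; the server's SSH host key is pinned instead of being trusted on first use, and the workflow token is limited to read access.

```yaml
# .github/workflows/deploy.yml (added example; secret names, paths and test command are assumptions)
name: deploy
on:
  push:
    branches: [main]              # main -> production
permissions:
  contents: read                  # the job only needs to read the repository
concurrency:
  group: deploy-production
  cancel-in-progress: false       # never interrupt a deploy partway through migrations
jobs:
  deploy:
    runs-on: ubuntu-latest
    environment: production
    steps:
      - uses: actions/checkout@v4
      - name: Run tests
        run: make test            # assumption: project-specific test command
      - name: Build Docker image
        run: docker compose build
      - name: Configure SSH
        env:
          SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
          SSH_KNOWN_HOSTS: ${{ secrets.DEPLOY_KNOWN_HOSTS }}   # pinned host key line(s)
        run: |
          install -m 700 -d ~/.ssh
          printf '%s\n' "$SSH_KEY" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519
          printf '%s\n' "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
      - name: Deploy and migrate
        env:
          DEPLOY_TARGET: ${{ secrets.DEPLOY_TARGET }}          # user@host
        run: |
          # /srv/app is an assumed checkout location on the server.
          # -T: no TTY is available in CI, so exec must not allocate one.
          ssh -o StrictHostKeyChecking=yes "$DEPLOY_TARGET" 'set -e
            cd /srv/app
            git pull --ff-only
            docker compose up -d --build
            docker compose exec -T app alembic -c app/alembic.ini upgrade head'
      - name: Health check
        # -f turns an HTTP error status into a failed step
        run: curl -f --retry 5 --retry-delay 5 https://app.example.com/health
```
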
Deployment command:
```bash
docker compose up -d --build
```

The platform uses rolling updates to keep applications available during deployments.
```text
Current version (v1) running
      │
      ▼
Start new container (v2)
      │
Health check passes
      │
      ▼
Switch traffic to v2
      │
      ▼
Stop v1
```
Docker Compose starts the new container before removing the old one. The reverse proxy (Caddy) only forwards traffic to healthy services.
```yaml
services:
  app:
    build: ./app
    restart: always
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
      interval: 10s
      timeout: 5s
      retries: 5
```

If the health check fails, traffic stays on the previous version.
Migrations run automatically as part of the deployment pipeline, after the application container starts, by executing `alembic` inside the running container.
```text
Deploy started
      │
      ▼
Start containers
      │
      ▼
Run migrations (inside container)
      │
      ▼
Health check
```
Migration command:
```bash
docker compose exec app alembic -c app/alembic.ini upgrade head
```

To avoid downtime during schema changes:
- Add columns before removing columns
- Avoid destructive migrations
- Use multi-step schema evolution
Example safe pattern:
```text
Deploy 1: Add new column
Deploy 2: Start using new column
Deploy 3: Remove old column
```
Every application must provide a health endpoint:
GET /health → {"status": "ok"}
After deployment, the workflow verifies the application is healthy:
```bash
# -f makes curl exit non-zero on an HTTP error status, so the workflow step fails
curl -f https://app.example.com/health
```

The platform supports promotion through environments:
Pull Request → Preview environment
Merge to develop → Staging deployment
Merge to main → Production deployment
| Branch | Environment |
|---|---|
| PR branch | Preview |
| develop | Staging |
| main | Production |

| Feature | Implementation |
|---|---|
| CI/CD | GitHub Actions |
| Zero-downtime deploys | Rolling container updates |
| Database migrations | Alembic |
| Preview environments | PR deployments |
| Object storage | MinIO |
| Queue system | Redis + Celery |
| Reverse proxy | Caddy |
| TLS | Automatic via Let's Encrypt |
| Persistent storage | /data volume |
| Transactional email | External provider |