This directory contains CI/CD pipeline documentation, deployment strategies, and operational procedures for the Street Support Platform.
Purpose: Complete CI/CD pipeline documentation for automated testing and deployment
File: .github/workflows/test-and-deploy.yml
Key Features:
- Two-stage workflow: Test → Deploy
- Fork PR vs trusted PR handling
- Automatic data fetching with fallbacks
- Slack and Trello integrations
- Security-first secret management
- MSW-style E2E testing with automatic mock activation
Status: ✅ Active production workflow
Purpose: Security guide for managing sensitive configuration and API keys
Key Topics:
- GitHub secrets configuration
- Environment variable management
- Database connection security
- API key rotation procedures
- Local development setup
Status: ✅ Current security practices
Purpose: Complete Vercel deployment setup and configuration guide
Key Topics:
- Project settings and environment variables
- Deployment protection setup
- GitHub Actions integration
- Monitoring and troubleshooting
- Security configuration
Status: ✅ Current deployment practices
GitHub Repository
↓
GitHub Actions
(Test & Build)
↓
Vercel Pro
(Host & Serve)
↓
MongoDB Atlas
(Data Storage)
- Production:
streetsupport.net(staging branch) - Preview: Auto-deployed PR previews (all branches)
- Local:
http://localhost:3000(development)
✅ Checkout code
✅ Setup Node.js (18.x, 20.x matrix)
✅ Install dependencies
✅ Run type checking
✅ Run unit tests
✅ Install Playwright browsers
✅ Run E2E tests (with mocks for PRs)
✅ Build production bundle✅ Deploy to Vercel
✅ Post Slack notification (optional)
✅ Update Trello card (optional)- ✅ Full access to GitHub secrets
- ✅ Real MongoDB connection
- ✅ Complete test suite with live data
- ✅ Slack/Trello integrations enabled
- ❌ No access to secrets (security)
- ✅ MSW-style mocks for E2E tests
- ✅ Complete test coverage maintained
- ✅ All quality gates enforced
# GitHub Repository Secrets
MONGODB_URI # Database connection
NEXT_PUBLIC_GOOGLE_MAPS_API_KEY # Maps integration
SLACK_WEBHOOK_URL # Notifications (optional)
TRELLO_API_KEY # Project management (optional)- Database: Read-only user for public API
- Deployment: Vercel integration with GitHub
- Secrets: GitHub repository secrets only
- Monitoring: Vercel analytics and error tracking
- TypeScript Compilation: Strict mode, zero errors
- Linting: ESLint with accessibility rules
- Unit Tests: Jest with coverage requirements
- E2E Tests: Playwright with mock fallbacks
- Build Verification: Production bundle success
- Code Review: Required for all PRs
- Security Review: For secret-related changes
- Performance Review: For large changes
- Accessibility Review: For UI changes
- Vercel Analytics: Page load times, Core Web Vitals
- Real User Monitoring: Lighthouse metrics
- Error Tracking: Automatic error reporting
- Uptime Monitoring: 99.9% availability target
- GitHub: Failed workflow notifications
- Slack: Deployment status updates
- Email: Critical error notifications
- Vercel Dashboard: Performance insights
- Feature Development: Work on feature branch
- Pull Request: Create PR with comprehensive tests
- Automated Testing: Wait for all checks to pass
- Code Review: Peer review and approval
- Merge: Auto-deploy to staging/production
- Verification: Smoke test deployed changes
- Identify Issue: Monitor alerts and user feedback
- Quick Fix: If simple, push hotfix directly
- Rollback: Use Vercel dashboard to revert deployment
- Investigation: Analyze root cause
- Fix & Redeploy: Implement proper fix and test
# Production data never modified by CI/CD
# Read-only access only
# Fallback data maintained for testing# Required environment variables
MONGODB_URI=mongodb+srv://... # Database connection
NEXT_PUBLIC_GOOGLE_MAPS_API_KEY=... # Maps API key
# Optional for testing
USE_API_MOCKS=true # Force mock mode
SKIP_FETCH=true # Skip data fetching# Vercel automatically injects:
VERCEL=1 # Deployment detection
VERCEL_ENV=production # Environment type
VERCEL_URL=streetsupport.net # Deployment URL
# Plus all GitHub secrets- Bundle Analysis: Automatic bundle size tracking
- Code Splitting: Dynamic imports for large components
- Tree Shaking: Remove unused code
- Asset Optimisation: Images, fonts, and static assets
- Serverless Functions: Auto-scaling API routes
- CDN: Global edge caching via Vercel
- Database: Connection pooling and query optimisation
- Caching: Strategic response caching
staging (production) ← Stable releases deployed to production
↑
feature branches ← Development work
↑
fork branches ← External contributor work
- Semantic Versioning: Major.Minor.Patch
- Automated Changelog: Generated from commit messages
- Git Tags: Mark release points
- Release Notes: Document user-facing changes
- Deploy Frequency: Daily deployments target
- Lead Time: <2 hours from commit to production
- Failure Rate: <5% deployment failures
- Recovery Time: <15 minutes rollback capability
- Uptime: 99.9% availability target
- Performance: <2s page load times
- Error Rate: <1% application errors
- User Satisfaction: High accessibility scores
- Project Planning - Deployment architecture decisions
- Testing - Quality assurance in CI/CD
- Development - Local development setup
- Design System - Component testing in pipeline