A Node.js and TypeScript project demonstrating a professional CI/CD pipeline using GitHub Actions, Google Container Registry (GCR), and Google Cloud Run.
This project is built to showcase a robust deployment workflow, implementing separate environments for Development and Production, automated image builds, and seamless deployment to Google Cloud Run.
- Runtime: Node.js (v18)
- Language: TypeScript
- Framework: Express.js
- Containerization: Docker
- Cloud Platform: Google Cloud (Cloud Run, GCR)
- CI/CD: GitHub Actions
The deployment follows a standard branching strategy mapped to specific environments.
| Environment | Branch | Trigger | Target Service | Deployed URL |
|---|---|---|---|---|
| Development | dev |
Push to dev |
backend-service |
dev-url |
| Production | main |
Push to main |
backend-service-prod |
prod-url |
The project uses three main workflows located in .github/workflows/:
-
- Triggered on pushes to the
devbranch. - Builds a Docker image.
- Pushes the image to GCR with the Git SHA as the tag.
- Deploys the image to the Development Cloud Run service.
- Triggered on pushes to the
-
- Triggered on pushes to the
mainbranch. - Builds a Docker image.
- Pushes the image to GCR with both the Git SHA and
latesttags. - Deploys the image to the Production Cloud Run service.
- Triggered on pushes to the
-
- Triggered on pull requests to
mainanddev. - Ensures the code builds correctly before merging.
- Triggered on pull requests to
All endpoints are prefixed with /api.
{
"id": "string",
"name": "string",
"email": "string"
}| Method | Endpoint | Description | Request Body |
|---|---|---|---|
GET |
/api/users |
List all users | None |
GET |
/api/users/:id |
Get user by ID | None |
POST |
/api/users |
Create new user | { "id": "...", "name": "...", "email": "..." } |
DELETE |
/api/users/:id |
Delete user | None |
To make the pipelines work, the following secrets must be configured in your GitHub Repository settings:
PROJECT_ID: Your Google Cloud Project ID.REGION: The GCP region for deployment (e.g.,us-central1).GCP_SA_KEY: The JSON key for a Google Cloud Service Account with permissions for:- Storage Admin (for GCR)
- Cloud Run Admin
- Service Account User
- Node.js v18+
- Docker (optional, for local container testing)
npm installnpm run devnpm run build
npm startThe project includes a multi-stage Dockerfile to ensure small, secure, and efficient production images.
- Build Stage: Compiles TypeScript to JavaScript.
- Production Stage: Installs only production dependencies and runs the compiled code.
- Uses
helmetfor basic security headers. - Uses
morganfor request logging. service_account.jsonshould never be committed to version control in a real project (use it securely through GitHub secrets).