Overview
The Risk Legion backend is deployed to AWS EC2 using Docker containers, with automated CI/CD via GitHub Actions.Architecture
CI/CD Pipeline
The pipeline (.github/workflows/backend-deploy.yml) runs on pushes to main and staging:
Jobs
- Setup - Prepare environment
- Test - Lint, type-check, run tests
- Build - Build and push Docker image to GHCR
- Deploy - SSH to EC2 and deploy container
Triggers
Docker Configuration
Dockerfile
docker-compose.yml
Deployment Steps
1. EC2 Instance Setup
2. Configure nginx
3. SSL Certificate
4. Deploy Container
GitHub Actions Configuration
Required Secrets
Environment-Specific Deployment
Health Verification
After deployment, verify health:Rollback Procedure
Quick Rollback
Via GitHub Actions
Re-run a previous successful deployment:- Go to Actions → workflow runs
- Find successful deployment
- Click “Re-run all jobs”
Scaling
Horizontal Scaling
Add more EC2 instances behind a load balancer:- Create Application Load Balancer (ALB)
- Create target group
- Add EC2 instances to target group
- Point domain to ALB
Vertical Scaling
Upgrade EC2 instance size:Troubleshooting
Container won't start
Container won't start
502 Bad Gateway
502 Bad Gateway
- Container might not be running
- Check if port 8000 is accessible
- Verify nginx configuration
Deployment fails
Deployment fails
- Check GitHub Actions logs
- Verify EC2 SSH connectivity
- Check disk space on EC2
Performance issues
Performance issues
- Check container resource usage:
docker stats - Review slow queries in logs
- Consider scaling up instance