Life ConnectLife Connect
Wiki index
Architecture
Services
Concepts
Runbooks
Infra
Swagger Docs
GitHub
Wiki index
Architecture
Services
Concepts
Runbooks
Infra
Swagger Docs
GitHub
  • Runbooks

    • Run the local stack
    • Deploy a PR preview
    • Provision a new environment
Last updated 2026-05-03

Deploy a PR preview

AI-generated content

This document was generated by an AI assistant. Verify accuracy before relying on the details.

Each PR can spin up a fully isolated stack in the adb-preview AWS account: VPC, ECS cluster, ALB, queues, S3 buckets, and ECS services running images built from the PR's HEAD SHA. Triggered by a /deploy PR comment (or the deploy-preview label, or manual workflow dispatch). Destroyed by /destroy, by removing the label, or automatically when the PR closes.

Trigger a deploy

In the PR's conversation tab, comment:

/deploy

Or apply the deploy-preview label.

GitHub Actions runs infra/scripts/pr-deploy.sh <pr> <sha>, which:

  1. Materialises infra/stacks/Pulumi.pr-<n>.yaml from the template.

  2. pulumi up --skip-preview against the adb-preview AWS account.

  3. Comments back the URLs:

    Preview deployed.
    - API: https://pr-<n>.preview.adb.example
    - UI:  https://pr-<n>.preview.app.adb.example
    

Tear it down

/destroy

Or remove the deploy-preview label. Or close the PR — pr-destroy.yml runs on PR closed and reaps the stack.

A nightly sweep (nightly-cleanup.yml) tears down any pr-* stack whose PR has been closed/merged for >24 h. So in normal flow you don't need to remember to destroy.

Cost considerations

Each preview is a full mini-environment: 9 Fargate Spot tasks (each 0.25 vCPU / 0.5 GB), one VPC, one ALB, fresh SQS queues. Rough back-of-envelope: ~€5–10/day per active preview. The nightly sweep keeps the bill predictable.

Common issues

  • /deploy posted but nothing happens → check the pr-deploy.yml workflow run. Most often: missing AWS_PREVIEW_DEPLOYER_ROLE_ARN repo secret, or the GitHub OIDC trust policy in adb-preview doesn't allow the PR ref.
  • Pulumi up fails on acm certificate not found → preview wildcard cert needs to be issued and validated in adb-preview once. See Current AWS state §10.
  • Container starts but /actuator/health 503s for >5 min → Spring Boot startup is slow on 0.25 vCPU. Bump sizing.preview.cpu in services.js for that service.

See also

  • ECS Fargate deploy lifecycle — the full lifecycle from push to running tasks.
Edit this page
Last Updated:
Contributors: Yevhenii Khudolii
Prev
Run the local stack
Next
Provision a new environment