Deployment
CI/CD and infrastructure deployment
Architecture Overview
| Component | Service | Region |
|---|---|---|
| Web App | Cloudflare Pages | Edge (global) |
| API Server | AWS App Runner | us-east-1 |
| Worker | AWS App Runner | us-east-1 |
| Database | Neon Postgres | us-east-1 |
| Archives | AWS S3 | us-east-1 |
| Secrets | AWS Secrets Manager | us-east-1 |
CI/CD Pipeline
Deployments are managed through GitHub Actions with OIDC authentication to AWS.
Workflow Triggers
- Push to main: Deploy to production
- Pull requests: Run tests, type checking, preview deploy
- Manual: Workflow dispatch for rollbacks
Pipeline Steps
- Checkout code
- Install dependencies (
pnpm install) - Type check (
pnpm typecheck) - Run tests (
pnpm test) - Parser snapshot verification
- Build applications
- Deploy to target environment
Deploy Commands
# Deploy web app to Cloudflare Pages
pnpm --filter @posit/web deploy
# Deploy API to App Runner
pnpm --filter @posit/api deploy
# Deploy all
pnpm deploy:allParser Snapshot Gate
Critical: Deployments are blocked if parser snapshots change unexpectedly.
The parser snapshot gate ensures transaction parsing accuracy is maintained. If snapshots change:
- Review the diff carefully
- Verify changes against Solscan/Birdeye
- Update snapshots with
pnpm test -- -u - Get approval from parser code owner
Rollback
# Rollback web app
wrangler pages deployment rollback
# Rollback API (App Runner)
aws apprunner start-deployment --service-arn $SERVICE_ARN --source-configuration '...'Domain Configuration
| Domain | Target |
|---|---|
| positlabs.io | Marketing site (Cloudflare Pages) |
| app.positlabs.io | Web app (Cloudflare Pages) |
| api.positlabs.io | API server (App Runner) |
| dev.positlabs.io | Developer portal (Cloudflare Pages + Access) |
Note: DNS is managed through Cloudflare. API subdomain proxies through Cloudflare to App Runner.