Infrastructure Diagrams
CI/CD pipeline, AWS architecture, Cloudflare setup
CI/CD Pipeline Overview
DevOpsGitHub Actions ile AWS ECS ve Mobile artifact deployment. 7 workflow, 2 AWS account, 2 region + mobile builds.
flowchart TB
subgraph GH["GitHub Repository"]
MAIN["main branch"]
STAGING["staging branch"]
end
subgraph PATHS["Path Filters"]
FE_PATH["apps/tersane-nick-web/**"]
BE_PATH["apps/backend/**"]
ADMIN_PATH["apps/dxp-admin-web/**"]
MOBILE_PATH["apps/mobile/**"]
end
subgraph PROD_WF["Production Workflows"]
FE_PROD_WF["prod/frontend/deploy"]
BE_PROD_WF["prod/backend/deploy"]
end
subgraph STG_WF["Staging Workflows"]
FE_STG_WF["staging/frontend/deploy"]
BE_STG_WF["staging/backend/deploy"]
ADMIN_WF["staging/admin/deploy"]
end
subgraph MOBILE_WF["Mobile Workflows"]
ANDROID_WF["staging/mobile/android"]
IOS_WF["staging/mobile/ios"]
end
subgraph AWS_PROD["AWS Production - 957976799355"]
subgraph CA["ca-central-1"]
ECS_FE_PROD["Frontend ECS"]
end
subgraph EU_PROD["eu-central-1"]
ECS_BE_PROD["Backend ECS"]
end
end
subgraph AWS_STG["AWS Staging - 123644281811"]
subgraph EU_STG["eu-central-1"]
ECS_FE_STG["Frontend ECS"]
ECS_BE_STG["Backend ECS"]
ECS_ADMIN["Admin ECS"]
end
end
subgraph ARTIFACTS["GitHub Artifacts"]
APK["Android APK"]
IOS_SIM["iOS Simulator ZIP"]
end
MAIN --> FE_PATH & BE_PATH
STAGING --> FE_PATH & BE_PATH & ADMIN_PATH & MOBILE_PATH
FE_PATH --> FE_PROD_WF & FE_STG_WF
BE_PATH --> BE_PROD_WF & BE_STG_WF
ADMIN_PATH --> ADMIN_WF
MOBILE_PATH --> ANDROID_WF & IOS_WF
FE_PROD_WF --> ECS_FE_PROD
BE_PROD_WF --> ECS_BE_PROD
FE_STG_WF --> ECS_FE_STG
BE_STG_WF --> ECS_BE_STG
ADMIN_WF --> ECS_ADMIN
ANDROID_WF --> APK
IOS_WF --> IOS_SIM
style MAIN fill:#22c55e,stroke:#16a34a,color:#fff
style STAGING fill:#f59e0b,stroke:#d97706,color:#fff
style AWS_PROD fill:#dbeafe,stroke:#3b82f6
style AWS_STG fill:#fef3c7,stroke:#f59e0b
style ARTIFACTS fill:#f3e8ff,stroke:#8b5cf6
Multi-Account ve Multi-Platform Yapi
- Production (957976799355): Frontend (Canada) + Backend (Frankfurt)
- Staging (123644281811): Frontend + Backend + Admin (Frankfurt)
- Mobile: GitHub Artifacts'a APK ve iOS Simulator build
- OIDC Authentication: Secret key yerine role-based access
All Workflows (7)
| Workflow | Branch | Path Filter | Target | Region/Output |
|---|---|---|---|---|
| prod/frontend/deploy | main |
apps/tersane-nick-web/** |
AWS ECS | ca-central-1 |
| prod/backend/deploy | main |
apps/backend/**, packages/** |
AWS ECS | eu-central-1 |
| staging/frontend/deploy | staging |
apps/tersane-nick-web/**, packages/** |
AWS ECS | eu-central-1 |
| staging/backend/deploy | staging |
apps/backend/**, packages/** |
AWS ECS | eu-central-1 |
| staging/admin/deploy | staging |
apps/dxp-admin-web/**, packages/** |
AWS ECS | eu-central-1 |
| staging/mobile/android | staging |
apps/mobile/** |
GitHub Artifact | APK (arm64-v8a) |
| staging/mobile/ios | staging |
apps/mobile/** |
GitHub Artifact | Simulator ZIP |
AWS Accounts
| Account ID | Environment | Region | Services |
|---|---|---|---|
957976799355 |
Production | ca-central-1, eu-central-1 | Frontend, Backend |
123644281811 |
Staging | eu-central-1 | Frontend, Backend, Admin |
ECR Repositories
| Repository | Account | Apps |
|---|---|---|
nickelodeon/frontend |
Both | tersane-nick-web |
nickelodeon/backend |
Both | backend |
legendsdxp/admin |
Staging only | dxp-admin-web |
Mobile Build Pipeline
MobileReact Native (Expo) ile Android ve iOS build. Staging branch'e push ile tetiklenir.
flowchart LR
subgraph TRIGGER["Trigger"]
PUSH["Push to staging
apps/mobile/**"]
end
subgraph ANDROID["Android Build (ubuntu-latest)"]
A_SETUP["pnpm install
Java 20
Gradle"]
A_PREBUILD["expo prebuild
-p android"]
A_BUILD["gradlew assembleDebug
arm64-v8a"]
A_UPLOAD["Upload Artifact
app-debug.apk"]
end
subgraph IOS["iOS Build (macos-latest)"]
I_SETUP["pnpm install
Node 24"]
I_PREBUILD["expo prebuild
-p ios"]
I_PODS["pod install
cached"]
I_BUILD["xcodebuild
iphonesimulator"]
I_ZIP["ZIP .app"]
I_UPLOAD["Upload Artifact
simulator.zip"]
end
PUSH --> A_SETUP & I_SETUP
A_SETUP --> A_PREBUILD --> A_BUILD --> A_UPLOAD
I_SETUP --> I_PREBUILD --> I_PODS --> I_BUILD --> I_ZIP --> I_UPLOAD
Mobile Build Detaylari
- Framework: React Native with Expo
- Android: Debug APK, arm64-v8a architecture
- iOS: Simulator build (x86_64 + arm64), CODE_SIGNING_ALLOWED=NO
- Package Manager: pnpm
- Node Version: 24
- Java Version: Temurin 20 (Android)
- Artifacts: GitHub Actions artifacts olarak saklanir
Pipeline Detail - Step by Step
FlowHer deployment ayni adimlari takip eder: Checkout → OIDC Auth → Docker Build → ECR Push → ECS Deploy
flowchart LR
subgraph TRIGGER["1. Trigger"]
PUSH["Git Push"]
MANUAL["Manual Dispatch"]
end
subgraph AUTH["2. AWS Auth"]
OIDC["OIDC Token"]
ASSUME["Assume Role"]
end
subgraph BUILD["3. Build"]
TAG["Generate Tag
timestamp"]
DOCKER["Docker Build"]
end
subgraph REGISTRY["4. Registry"]
ECR_LOGIN["ECR Login"]
ECR_PUSH["Push Image"]
end
subgraph DEPLOY["5. Deploy"]
TASK["Get Task Def"]
RENDER["Render Task"]
ECS["Deploy ECS"]
end
PUSH --> OIDC
MANUAL --> OIDC
OIDC --> ASSUME
ASSUME --> ECR_LOGIN
ECR_LOGIN --> TAG
TAG --> DOCKER
DOCKER --> ECR_PUSH
ECR_PUSH --> TASK
TASK --> RENDER
RENDER --> ECS
Pipeline Adimlari
- 1. Trigger: Push veya manual dispatch ile baslar
- 2. Auth: OIDC token ile AWS role assume edilir (no secrets)
- 3. Build: Dockerfile ile image olusturulur, timestamp tag
- 4. Registry: ECR'a login ve image push
- 5. Deploy: Task definition guncellenir, ECS service yenilenir
AWS Architecture
PendingData Bekleniyor
AWS Console'dan servis listesi veya architecture export gerekli.
ECS, RDS, S3, CloudFront, ALB vs. servislerin tam listesi.
Cloudflare Setup
PendingData Bekleniyor
Cloudflare Dashboard'dan: DNS records, Workers, Pages, D1, KV, R2 vs.
Hangi servisler aktif kullaniliyor?