Backend Stack

The CdkBackendStack manages the compute, networking, and CI/CD pipelines required to run the NestJS API.

Resource Inventory

1. Compute & Networking

  • AWS Fargate: Runs the NestJS application container.
    • Service: ApplicationLoadBalancedFargateService.
    • Auto-Scaling: Configured on CPU (target 80%) and Memory (target 80%).
    • Load Balancer: Public Application Load Balancer (ALB) handling HTTPS with an ACM Certificate.
    • VPC: Uses the Default VPC.
    • Security Groups:
      • Fargate SG: Allows inbound traffic from ALB.
      • Redis SG: Allows TCP traffic from Fargate.
      • RDS SG: Imports existing RDS SG to allow access from Fargate and Migration runners.

2. Data Stores

  • ElastiCache (Redis):
    • Cluster: A single-node Redis cluster (cache.t2.small by default).
    • Subnet Group: Mapped to the VPC's private subnets.
    • Usage: Caching, Session store, and BullMQ job queues.
  • RDS (External):
    • The stack does not create the RDS instance.
    • It retrieves connection secrets (Host, User, Pass) from SSM Parameter Store to inject into containers.

3. Scheduled Tasks (EventBridge)

The stack creates EventBridge Rules to trigger API endpoints for recurring tasks:

  • Technician Queue Reset: Runs daily at 8:00 AM UTC (POST /salons/reset-queue).
  • Scheduled SMS:
    • Review SMS: Runs every minute.
    • Confirmation SMS: Runs every 30 minutes.
    • Campaign SMS: Runs every 15 minutes.
  • Mechanism: Uses ApiDestination with API Key authorization to securely call the backend endpoints.

CI/CD Architecture

The backend CI/CD process is split into two distinct pipelines: a CI Pipeline for building the image, and a CD Pipeline for deploying it.

sequenceDiagram
    participant GitHub
    participant CI as CI Pipeline (CodeBuild)
    participant ECR
    participant CD as CD Pipeline (CodeBuild)
    participant ECS

    Note over GitHub, ECR: 1. CI Phase
    GitHub->>CI: Commit to Branch
    CI->>CI: Build Docker Image
    CI->>ECR: Push Image (tag: latest)

    Note over ECR, ECS: 2. CD Phase
    ECR->>CD: Trigger on Push
    CD->>RDS: Run Migrations (npm run migration:run)
    CD->>ECS: Deploy (Rolling Update)
    ECS->>ECS: Replace Tasks

1. CI Pipeline (backend-ci-pipeline)

  • Purpose: Builds the Docker image from source and pushes it to the container registry.
  • Triggers: Commits to the GitHub branch (e.g., develop or main).
  • Stages:
    • Source: GitHub (CodeStarConnectionsSourceAction).
    • Build: Runs a CodeBuild project (backend-build-project) to:
      • Log in to ECR.
      • Build the Docker image.
      • Push the image to ECR with the latest tag.

2. CD Pipeline (backend-cd-pipeline)

  • Purpose: Deploys the new ECR image to the running ECS Fargate service.
  • Triggers: Automatically triggered when a new image is pushed to ECR with the latest tag.
  • Stages:
    • Source: Watch ECR Repository.
    • Migration: Runs a dedicated CodeBuild project (ecs-migration-project) that executes npm run migration:run. This ensures the database schema is up-to-date before the new application code starts.
    • Build: Generates the imagedefinitions.json artifact required by ECS.
    • Deploy: Updates the Fargate Service using EcsDeployAction (Rolling Update), replacing old tasks with new ones.
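
Because the CD pipeline is triggered by the mutable latest tag, the Build stage can pin imagedefinitions.json to the digest of the image that was actually pushed. The following is an added example, not the project's own code: it assumes the stage reads the imageDetail.json artifact produced by the ECR source action, and the container name, repository name, region and sample values are constructed.

```typescript
// Added example, not the project's code. Input shape follows the
// imageDetail.json artifact emitted by a CodePipeline ECR source action.
interface ImageDetail {
  ImageDigest: string;
  RegistryId: string;
  RepositoryName: string;
  ImageTags: string[];
}
interface ImageDefinition { name: string; imageUri: string }

const DIGEST_RE = /^sha256:[0-9a-f]{64}$/;

// Build imagedefinitions.json content pinned to the pushed digest, so ECS
// deploys exactly the image that triggered the pipeline even if `latest` moves.
function buildImageDefinitions(
  detailJson: string, containerName: string, expectedRepo: string, region: string,
): ImageDefinition[] {
  const d = JSON.parse(detailJson) as Partial<ImageDetail>;
  if (typeof d.ImageDigest !== "string" || !DIGEST_RE.test(d.ImageDigest)) {
    throw new Error("imageDetail.json carries no valid sha256 digest");
  }
  if (typeof d.RegistryId !== "string" || !/^\d{12}$/.test(d.RegistryId)) {
    throw new Error("registry id is not a 12-digit account id");
  }
  if (d.RepositoryName !== expectedRepo) {
    throw new Error("image comes from an unexpected repository");
  }
  if (!Array.isArray(d.ImageTags) || d.ImageTags.indexOf("latest") === -1) {
    throw new Error("image is not the one tagged latest");
  }
  // Rebuild the URI from validated parts instead of copying a free-form string.
  const host = `${d.RegistryId}.dkr.ecr.${region}.amazonaws.com`;
  return [{ name: containerName, imageUri: `${host}/${expectedRepo}@${d.ImageDigest}` }];
}

// Constructed sample input (account id, repository and digest are made up).
const SAMPLE_DETAIL = JSON.stringify({
  ImageDigest: "sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
  RegistryId: "123456789012",
  RepositoryName: "backend-api",
  ImageTags: ["latest"],
});

// Container name "api" and region "us-east-1" are assumptions for the example.
function renderSample(): string {
  return JSON.stringify(buildImageDefinitions(SAMPLE_DETAIL, "api", "backend-api", "us-east-1"));
}
```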