Certified Jenkins Engineer

Containerization and Deployment

Understanding Deployment Approach

In this article, we’ll explore a robust deployment strategy that takes your code from feature branches all the way to a production-ready, serverless environment. By integrating continuous integration (CI), automated deployment, and security testing, you get fast feedback and confidence at every stage.

[Figure: flowchart of the deployment approach, showing the stages of continuous integration, deployment, and delivery, along with post-build processes.]

1. Feature Branch Deployment to AWS EC2

When a new commit is pushed to any feature branch, the CI pipeline automatically:

  1. Executes build, unit tests, and lint checks.
  2. Builds a Docker image and pushes it to a container registry.
  3. Connects to a designated AWS EC2 instance via SSH.
  4. Pulls and deploys the updated Docker image.
  5. Runs integration tests against the EC2-hosted service.

Note

Ensure your AWS credentials and SSH keys are securely stored in your CI/CD environment variables.

This end-to-end validation on EC2 guarantees that new features won’t break existing functionality before merging.

2. Pull Request Validation with Kubernetes & DAST

On opening a pull request, we spin up an ephemeral preview environment:

  1. Argo CD syncs the Docker image to a Kubernetes namespace.
  2. Dynamic Application Security Testing (DAST) is performed using OWASP ZAP against the running application.

Warning

DAST scans can produce false positives—review findings carefully and tune your OWASP ZAP policies.

This stage provides rapid feedback on both functionality and security before code merges into main.
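
One way to act on the warning above, as an added example that is not part of the course material: a gate that reads OWASP ZAP's JSON report, sets aside findings already triaged as false positives, and blocks the pull request only on the remaining alerts at or above a risk threshold. The sample report is constructed, and the triage list, thresholds, and the `gate` function name are assumptions.

```python
import json

# Constructed sample in the shape of ZAP's traditional JSON report (not real scan output).
SAMPLE_REPORT = json.dumps({
    "site": [{
        "@name": "https://preview.example.test",
        "alerts": [
            {"pluginid": "40012", "alert": "Cross Site Scripting (Reflected)",
             "riskcode": "3", "confidence": "2",
             "instances": [{"uri": "https://preview.example.test/search?q=x"}]},
            {"pluginid": "10038", "alert": "Content Security Policy (CSP) Header Not Set",
             "riskcode": "2", "confidence": "3",
             "instances": [{"uri": "https://preview.example.test/"},
                           {"uri": "https://preview.example.test/health"}]},
            {"pluginid": "10021", "alert": "X-Content-Type-Options Header Missing",
             "riskcode": "1", "confidence": "2",
             "instances": [{"uri": "https://preview.example.test/"}]},
        ],
    }]
})

# Hypothetical triage record: (pluginid, uri) pairs reviewed and accepted as false positives.
TRIAGED = {("10038", "https://preview.example.test/health")}

RISK = {"0": "Informational", "1": "Low", "2": "Medium", "3": "High"}

def gate(report_json, fail_at=2, min_confidence=2, triaged=TRIAGED):
    """Return (blocking, suppressed) lists of findings from a ZAP JSON report."""
    blocking, suppressed = [], []
    for site in json.loads(report_json).get("site", []):
        for alert in site.get("alerts", []):
            risk, conf = int(alert["riskcode"]), int(alert["confidence"])
            for inst in alert.get("instances", []):
                finding = (alert["pluginid"], RISK[alert["riskcode"]],
                           alert["alert"], inst["uri"])
                if (alert["pluginid"], inst["uri"]) in triaged:
                    suppressed.append(finding)  # kept visible for audit, does not block
                elif risk >= fail_at and conf >= min_confidence:
                    blocking.append(finding)
    return blocking, suppressed

if __name__ == "__main__":
    blocking, suppressed = gate(SAMPLE_REPORT)
    for f in blocking:
        print("BLOCK", *f)
    for f in suppressed:
        print("TRIAGED", *f)
    raise SystemExit(1 if blocking else 0)  # non-zero exit fails the pipeline stage
```

Keeping the triage list in version control next to the pipeline definition means every suppression is reviewed like any other change.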

3. Main Branch Deployment to AWS Lambda

Once pull requests are merged into main, the pipeline proceeds to production:

  1. Packages the application as an AWS Lambda deployment package.
  2. Updates Lambda configuration (environment variables, memory allocation, timeouts).
  3. Deploys via the AWS CLI or Infrastructure as Code tool.
  4. Invokes the function to confirm successful deployment and correct behavior.

This serverless approach ensures scalability and cost-efficiency in your production environment.

Workflow Summary

| Stage | Trigger | Environment | Deployment Target | Tests |
|---|---|---|---|---|
| Feature Branch Deployment | Push to feature/* | AWS EC2 | Docker container on EC2 | Integration tests |
| Pull Request Validation | Open PR against main | Kubernetes (Argo CD) | Synced pods/services | OWASP ZAP DAST scans |
| Main Branch Production Deploy | Merge into main | AWS Lambda | Serverless function | Post-deployment invocation check |
