[BE-03] Production Docker Compose + GitHub Actions CI/CD Pipelines

[mftee]

⚠️ Depends on: [BE-01] TypeORM Migrations & Observability Stack — the migration entrypoint and health check must exist before the Docker setup can be finalized.

Overview

The project has no production Dockerfiles, no orchestration for all services, and no automated CI pipelines. Any deployment is currently manual and error-prone. This issue delivers production-ready Dockerfiles for backend and frontend, a docker-compose.prod.yml that runs all four services together, and GitHub Actions workflows that gate every pull request.

Technical Details

1. Backend Dockerfile (backend/Dockerfile)

Multi-stage build:

• Stage 1 (builder): node:20-alpine, install all deps, run npm run build
• Stage 2 (runner): node:20-alpine, copy dist/ + prod-only node_modules/, run as non-root user node
• Entrypoint: sh -c "npm run migration:run && node dist/main.js"
• EXPOSE 6006

2. Frontend Dockerfile (frontend/Dockerfile)

Multi-stage build:

• Stage 1 (builder): node:20-alpine, install deps, run npm run build (Next.js standalone output — add output: 'standalone' to next.config.ts)
• Stage 2 (runner): copy .next/standalone/ and .next/static/, run as non-root user node
• EXPOSE 3000

3. Production Docker Compose (docker-compose.prod.yml)

Four services on a shared freightflow bridge network:

• postgres: postgres:15-alpine, persistent named volume, health check using pg_isready
• redis: redis:7-alpine, persistent named volume, health check using redis-cli ping
• backend: built from ./backend/Dockerfile, depends_on both postgres and redis with condition: service_healthy, all env vars from .env.production
• frontend: built from ./frontend/Dockerfile, depends_on backend, env NEXT_PUBLIC_API_URL
• All services: restart: unless-stopped

4. Backend CI (.github/workflows/backend-ci.yml)

Triggers: pull_request to main
Jobs (run in order):

1. Install deps: npm ci in backend/
2. Lint: npm run lint
3. Unit tests: npm run test
4. Build: npm run build
5. Migration dry-run: spin up a postgres:15 service container and run npm run migration:run

5. Frontend CI (.github/workflows/frontend-ci.yml)

Triggers: pull_request to main
Jobs:

1. Install deps: npm ci in frontend/
2. Type-check: npx tsc --noEmit
3. Lint: npm run lint
4. Build: npm run build

Acceptance Criteria

• docker build -f backend/Dockerfile backend/ completes without errors
• docker build -f frontend/Dockerfile frontend/ completes without errors
• docker compose -f docker-compose.prod.yml up brings all 4 services up healthy
• Backend container runs migrations before starting the API server
• Backend CI workflow passes on a clean PR (all 5 jobs green)
• Frontend CI workflow passes on a clean PR (all 4 jobs green)
• No credentials are hardcoded in any Dockerfile or Compose file

[Glittersup]

@Glittersup has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

I am very interested in resolving this issue. I have extensive hands-on experience designing, building, and testing decentralized applications, giving me the cross-stack knowledge required to handle the smart contracts, backend infrastructure, and frontend flows

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Glittersup to this issue.

[Seunfunmi-319509]

@Seunfunmi-319509 has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hi

Please assign me this task. I’ll implement the production Docker and CI/CD setup with multi-stage builds, production Compose orchestration, and automated backend and frontend workflows.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Seunfunmi-319509 to this issue.

[RUKAYAT-CODER]

@RUKAYAT-CODER has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hi am a full stack developer. Can i work on this task?

ℹ️ Repo Maintainers: To accept this application, review their application or assign @RUKAYAT-CODER to this issue.

[grantfox-oss]

🦊 GrantFox — @RUKAYAT-CODER has been assigned to this issue as part of the Official Campaign campaign!

Next steps:

1. Open a Pull Request referencing this issue (e.g., Closes #960)
2. Your PR will be reviewed by the CodeGirlsInc maintainers

Good luck! Track your progress on GrantFox.

[drips-wave]

Congratulations, @RUKAYAT-CODER! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 30, 2026.

🧑‍💻 @RUKAYAT-CODER: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊

[grantfox-oss]

🎉 This issue has been marked as completed on GrantFox as part of the Official Campaign campaign!

@RUKAYAT-CODER's PR #1076 was approved and merged by @mftee.

🏆 @RUKAYAT-CODER: You earned 35 FoxPoints for this contribution! Your current tier: Explorer (541 total points). Track your full progress on GrantFox.

👏 Great work, @RUKAYAT-CODER! Keep contributing to CodeGirlsInc.

[drips-wave]

This issue has been completed by @RUKAYAT-CODER as part of the Stellar Wave Program's 6th Wave 🥳

😎 @RUKAYAT-CODER: You earned 200 Points for completing this issue! After the current Wave ends, you'll be eligible for a percentage of the Wave's reward pool based on the percentage of total points you've earned. Learn more here. You can also Leave a review to share your experience working on this issue.

🧑‍💻 Repo maintainers: How'd the contributor do? Leave a review to share your experience working with them.