Twin Documentation
  • Overview
  • Consumer
  • Developer
  • Operations
Dashboard Guide
Deploy
    Backend DeployFrontend DeployMigrations Checklist
MonitoringContracts & AddressesTroubleshooting
powered by Zudoku
Deploy

Backend Deploy

Pipeline

Code
push to main | v GitHub Actions triggered | v Build step: - npm ci - Build internal packages (utils -> database -> shared -> dashboard) - npm run build (NestJS) | v Docker build | v Push image to AWS ECR | v Deploy to AWS ECS (update service) | v ECS pulls new image, Doppler injects secrets at runtime | v Health check passes -> old task drained

Secrets Management

All backend secrets are managed in Doppler (not GitHub Secrets). Doppler injects environment variables at container runtime via the ECS task definition.

Examples of secrets in Doppler:

  • Database connection strings
  • BitGo API keys and Express URL
  • AWS credentials (SES, S3)
  • Oracle private keys / passphrases
  • RPC URLs
  • JWT secrets

Post-Deploy Steps

  1. Verify the ECS service stabilized (new task is RUNNING, old task is STOPPED).
  2. Check CloudWatch logs for startup errors.
  3. If migrations were included, verify they ran successfully (see Migrations Checklist).
  4. Verify cron jobs are running (check last run times in the dashboard).
  5. Smoke-test critical endpoints (health check, oracle price, etc.).
Last modified on April 29, 2026
DeployFrontend Deploy
On this page
  • Pipeline
  • Secrets Management
  • Post-Deploy Steps