The website is currently in active development

BH Engineering
Back to Projects
DevopsCloud Infrastructure

DevOps Pipeline — Competency Bot

Published Apr 2026Team BH Engineering
/ Overview

End-to-end DevOps pipeline architecture for the Competency Bot, a private-firm assessment platform used to evaluate employee skills and track professional development across multiple departments.

The challenge: the client's existing deployment process was entirely manual — engineers would SSH into a VM, pull the latest code, and restart the service. Deployments took 30+ minutes, rollbacks were near-impossible, and there was zero visibility into what was running in production.

We designed and implemented a fully automated CI/CD pipeline using GitHub Actions with multi-environment support. The pipeline handles linting, type-checking, unit tests, Docker image builds, and deployments — all triggered automatically on push to staging or production branches.

Infrastructure was provisioned on Google Cloud Platform. The application runs on Cloud Run with auto-scaling configured to handle traffic spikes during assessment periods (when 500+ employees submit evaluations simultaneously). We migrated static assets to Cloud Storage buckets with CDN-backed delivery, which cut cold-start times by 60% and reduced container image sizes from 1.2GB to under 200MB.

Secrets management was a critical focus — we implemented a layered approach using Google Secret Manager integrated with GitHub Actions secrets, ensuring API keys, database credentials, and OAuth tokens are never exposed in code or logs. Environment-specific configurations are injected at deploy time with strict separation between staging and production.

Branch-based deployment strategies enable the team to ship with confidence: feature branches deploy to ephemeral preview environments, the staging branch auto-deploys to the staging Cloud Run service, and production deploys require a manual approval gate. Automated rollback triggers on health-check failures, reverting to the last known-good revision within 30 seconds.

Key outcomes: deployment time reduced from 30+ minutes to under 3 minutes, zero-downtime deployments achieved, and the engineering team can now ship multiple times per day instead of once a week.

/ Code
code
# GitHub Actions workflow (simplified)
name: Deploy to Cloud Run
on:
  push:
    branches: [main, staging]

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: google-github-actions/auth@v2
        with:
          credentials_json: ${{ secrets.GCP_SA_KEY }}
      - name: Build & Push to Artifact Registry
        run: |
          docker build -t $REGION-docker.pkg.dev/$PROJECT/$REPO/$IMAGE:$SHA .
          docker push $REGION-docker.pkg.dev/$PROJECT/$REPO/$IMAGE:$SHA
      - name: Deploy to Cloud Run
        uses: google-github-actions/deploy-cloudrun@v2
        with:
          service: competency-bot-${{ github.ref_name }}
          image: ${{ env.IMAGE_URI }}
          flags: --max-instances=10 --min-instances=1
Behes — Tournament ERP
Previous

Behes — Tournament ERP

Mentored Study
Next

Mentored Study

Interested in similar work?

Let's Build Something Together

Tell us what you're building. We'll come back with a proposed team, timeline, and outcomes inside a week.

Start a Project