What is the purpose of the CI/CD pipeline for the Uplifty project?
To automate the deployment process and enforce code quality checks
The pipeline includes automated checks on pull requests and requires manual approval for deployments.
What happens every time a pull request is made to dev?
Automated checks run: lint, typecheck, tests, build, and Firebase Robo test
Only PRs that pass all checks can be merged into dev.
What is the role of Workflow A in the CI/CD pipeline?
Runs checks on pull requests: lint, typecheck, unit tests, builds APK, and runs Firebase Robo test
This workflow does not require environment secrets or approval.
What does Workflow B do in the CI/CD pipeline?
Triggers on push to dev, deploys Supabase edge functions, and publishes APK to Firebase
This workflow requires manual approval and uses environment-scoped secrets.
What is the function of the GitHub Environment called ‘testing’?
Pauses jobs for manual approval and provides access to environment-scoped secrets
Required reviewers must approve jobs that specify this environment.
What are the required reviewers for the ‘testing’ environment?
- Yourself
- Scott
- Any code owners
Reviewers must approve jobs before they can proceed.
What is the file path for Workflow A?
.github/workflows/pr-checks.yml
This workflow validates code quality before merging.
What is the trigger for Workflow B?
Push to dev (after a PR is merged)
This workflow handles deployment tasks.
What must be enabled in the branch protection rules for the dev branch?
- Require a pull request before merging
- Require approvals (1+)
- Require status checks to pass
- Require branch to be up to date
- Include administrators
These settings ensure code quality and review before merging.
What is the purpose of adding secrets in the testing environment?
To store required credentials securely for the deploy workflow
Environment secrets are isolated from repository-level secrets.
What are the required secrets for Supabase in the testing environment?
- SUPABASE_ACCESS_TOKEN
- SUPABASE_PROJECT_REF
These secrets are necessary for deploying Supabase functions.
What is the required secret at the repository level for the PR Checks workflow?
FIREBASE_SERVICE_ACCOUNT_JSON
This secret is needed for the Robo tests without using environment secrets.
What does the deploy workflow use to deploy Supabase functions?
supabase functions deploy (deploy all)
This command deploys every function under supabase/functions/.
What is the purpose of the validation checklist?
To verify that the CI/CD process works correctly before announcing to the team
It includes checks for each step of the workflow.
What should be communicated to the team regarding the new CI/CD rules?
- All feature work must go through a PR targeting dev
- CI must pass all checks before merging
- Merges trigger deployment with manual approval
- No direct pushes allowed
These rules ensure a structured and secure development process.
What is the status of the Supabase functions structure in the repository?
Correct, with each function having its own directory and necessary files
This structure allows the CLI to discover and deploy them properly.
What is the critical YAML configuration line for enforcing the approval gate?
environment: testing
This line ensures that jobs require manual approval and access to environment secrets.
What is the first step in configuring the GitHub environment?
Navigate to your GitHub repository and go to Settings → Environments
Create or edit the ‘testing’ environment to set up required reviewers.
