Script Valley
REST API Development: Complete Course from Beginner to Production
Production and Best Practices: Logging, Monitoring, Documentation, and DeploymentLesson 6.5

CI/CD, Health Checks, and Production Readiness Checklist

CI/CD pipeline, GitHub Actions, health check endpoint, readiness probe, liveness probe, graceful shutdown, 12-factor app, production checklist

CI/CD, Health Checks, and Production Readiness Checklist

A REST API is production-ready not when it works on your laptop, but when it can be deployed automatically, monitored continuously, and recovered gracefully from failures. This final lesson covers the operational practices professional engineering teams use to run APIs reliably at scale.

DiagramCI/CD Pipeline for REST APIs

IMAGE PROMPT (replace this block with your generated image):

Flat horizontal CI/CD pipeline diagram on white background. Title: REST API CI/CD Pipeline (GitHub Actions). Event trigger box on far left: Developer pushes code (git push icon). Arrow right to six sequential stage boxes connected by arrows. Stage 1: Lint — ESLint icon, label Check code style. Stage 2: Unit Tests — Jest icon, label Run unit tests. Stage 3: Integration Tests — Supertest + DB icon, label Test endpoints with test DB. Stage 4: Build Docker Image — Docker whale icon, label docker build -t app:sha. Stage 5: Push to Registry — Cloud icon, label Push to Docker Hub or ECR. Stage 6: Deploy — Rocket icon, label Update production containers. Each stage box filled with progressively deeper shades of #3A5EFF from light to dark left to right. Between Stages 3 and 4: a gate labeled 80% coverage check with a red X branch labeled Block deploy if tests fail. Final stage has a small health check badge labeled /health returns 200. White background, clean horizontal flow.

Health Check Endpoints

app.get('/health', async (req, res) => {
  const dbStatus = mongoose.connection.readyState === 1 ? 'healthy' : 'unhealthy';
  const redisStatus = await redisClient.ping() === 'PONG' ? 'healthy' : 'unhealthy';
  const status = dbStatus === 'healthy' && redisStatus === 'healthy' ? 200 : 503;

  res.status(status).json({
    status: status === 200 ? 'healthy' : 'degraded',
    timestamp: new Date().toISOString(),
    version: process.env.npm_package_version,
    dependencies: { database: dbStatus, cache: redisStatus }
  });
});

Graceful Shutdown

const shutdown = async (signal) => {
  logger.info(`${signal} received, shutting down gracefully`);
  server.close(async () => {
    await mongoose.connection.close();
    await redisClient.quit();
    logger.info('Shutdown complete');
    process.exit(0);
  });
  setTimeout(() => process.exit(1), 30000);
};

process.on('SIGTERM', () => shutdown('SIGTERM'));
process.on('SIGINT', () => shutdown('SIGINT'));

Production Readiness Checklist

Before deploying to production, verify: all secrets in environment variables (not code), HTTPS enforced, security headers set (helmet), CORS configured with whitelist, rate limiting enabled on all endpoints, input validation and sanitization on all inputs, centralized error handling with no stack traces in responses, structured JSON logging with correlation IDs, error monitoring configured (Sentry), health check endpoint operational, database connection pooling configured, response compression enabled, Docker image builds successfully, all tests passing with 80% coverage, and OpenAPI documentation up to date.

Ready to practice?

MCQs · Mini project