Unit tests (JUnit 5 + Mockito, 247 tests) and integration tests (Testcontainers, 84 tests) run as separate GitHub Actions jobs in parallel. The pipeline waits for both before proceeding — the integration tests are the bottleneck at ~2m 45s, not the unit tests.
Trivy scans the built Docker image for HIGH and CRITICAL CVEs before it ever reaches ECR. OWASP Dependency Check validates all 142 Maven dependencies against the NVD. The pipeline fails if either threshold is breached: security is non-negotiable in the delivery chain.
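One way to wire such a gate in GitHub Actions so the image is pushed to ECR only after both checks pass. This is an added example, not the project's own workflow. The job names, image name, `ECR_REGISTRY` secret, the CVSS cut-off of 7, and a runner with Trivy installed and AWS credentials and region already configured are all assumptions.

```yaml
# Added example, not the project's workflow. Names, secrets and the
# CVSS cut-off below are assumptions made for illustration.
name: scan-gate
on:
  push:
    branches: [main]

jobs:
  dependency-check:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      # OWASP Dependency Check against the NVD. failBuildOnCVSS makes the
      # goal fail when any dependency has a finding at or above the score
      # (7 is an assumed threshold; the page does not state one).
      - run: mvn -B org.owasp:dependency-check-maven:check -DfailBuildOnCVSS=7

  image-scan-and-push:
    # Do not build or push anything unless the dependency gate passed.
    needs: [dependency-check]
    runs-on: ubuntu-latest
    env:
      REGISTRY: ${{ secrets.ECR_REGISTRY }}   # hypothetical secret name
      IMAGE: ${{ secrets.ECR_REGISTRY }}/app:${{ github.sha }}
    steps:
      - uses: actions/checkout@v4

      # Build locally first; nothing has left the runner yet.
      - run: docker build -t "$IMAGE" .

      # Trivy exits 0 by default even when it finds vulnerabilities.
      # --exit-code 1 is what turns the scan into a gate; --severity limits
      # the gate to the HIGH and CRITICAL findings described above.
      # Assumes the trivy binary is already installed on the runner.
      - run: trivy image --severity HIGH,CRITICAL --exit-code 1 "$IMAGE"

      # Reached only if the scan step succeeded: a failed step stops the
      # job, so a flagged image never reaches the registry.
      # Assumes AWS credentials and region are set in the job environment.
      - run: |
          aws ecr get-login-password \
            | docker login --username AWS --password-stdin "$REGISTRY"
          docker push "$IMAGE"
```

The ordering is the control here: scanning after `docker push` would still report findings, but the vulnerable image would already be pullable from ECR.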
AWS CodeDeploy runs a blue/green deployment against ECS Fargate. A replacement task set receives 0% traffic until ALB health checks pass, then traffic shifts 10% → 50% → 100% over 90 seconds. The old task set drains connections before termination — zero dropped requests.
Total pipeline: ~10m 23s real · 3 parallel jobs · 331 tests · zero-downtime deploy