This is a Serverless AWS Lambda Function-based API for the Atithidev Website. It provides endpoints to manage hosts and reviews using MongoDB Atlas as the database. The API is deployed using the Serverless Framework with CI/CD automation.
- Fetch hosts and reviews 🗂️
- Insert new reviews 📝
- Fully serverless with AWS Lambda ⚡
- Uses MongoDB Atlas as the database 🗄️
- CI/CD automation with GitHub Actions 🤖
- ESLint integration for code quality enforcement ✅
- Automated old version cleanup from AWS S3 with Serverless Prune Plugin ✅
The project uses GitHub Actions for automated CI/CD pipelines, ensuring smooth and reliable deployments. Here's how it works:
- Trigger: 🚀 Pushing to the
mainbranch triggers the CI/CD pipeline. - Linting: ✅ ESLint runs to check code quality. If errors are found, the pipeline stops, and deployment is blocked.
- Dependency Installation: 📦 Only production dependencies (
--productionflag) are installed to optimize the deployment package. - Deployment: 🚀 The Serverless Framework deploys the application to AWS Lambda if all checks pass.
- Secure Credentials: 🔐 AWS credentials (
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEY) are securely managed using GitHub Secrets. - Pruning Old Versions: 🧹 The Serverless Prune Plugin is installed as a dependency and runs automatically to remove outdated versions from AWS S3, optimizing storage and cost..
- Faster Deployments: 🚀 Automated pipelines reduce manual effort and speed up deployments.
- Consistent Quality: ✅ ESLint ensures code quality is maintained across all deployments.
- Secure Practices: 🔐 Sensitive credentials are never exposed in the codebase.
- AWS Secrets Management: 🔐
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEYare securely stored in GitHub Secrets to prevent exposure in the codebase. - Environment Variables Protection: 🚫 The
.envfile is added to.gitignoreto ensure sensitive information likeMONGO_URIis not accidentally committed to the repository. - Code Quality Enforcement: ✅ ESLint is integrated into the CI/CD pipeline to enforce coding standards and prevent low-quality or insecure code from being deployed.
- Least Privilege Principle: 🔑 AWS IAM roles are configured with minimal permissions required for the Lambda functions to interact with MongoDB Atlas and other AWS services.
- Database Security: 🗄️ MongoDB Atlas is configured with IP whitelisting, encryption at rest, and network isolation to ensure data security.
- Node.js (Runtime: 18.x) 🟢
- Express.js (Lightweight API Framework) 🚀
- MongoDB Atlas (Database) 🍃
- AWS Lambda (Serverless Functions) ⚡
- Serverless Framework (Deployment & CI/CD) 🛠️
- GitHub Actions (CI/CD Pipeline) 🤖
- ESLint (Code Quality) ✅
git clone https://github.com/ap-dev-github/atithidev-mongoose-api.git
cd atithidev-mongoose-apinpm installCreate a .env file in the root directory and add your MongoDB connection string:
MONGO_URI=your-mongodb-connection-stringNote: Make sure .env is added to .gitignore to prevent exposing secrets.
npx serverless offlineThis will start the API locally.
npx serverless deployThis will deploy the API to AWS.
| Method | Endpoint | Description |
|---|---|---|
GET |
/ |
Home route, checks if API is running |
GET |
/fetchHosts |
Fetch all hosts |
GET |
/fetchHosts/:state |
Fetch hosts by state |
GET |
/fetchHost/:id |
Fetch a host by ID |
GET |
/fetchReviews/host/:id |
Fetch reviews for a specific host |
POST |
/insert_review |
Insert a new review |
- AWS Credentials: Set up
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEYas GitHub Secrets for CI/CD deployment. - MongoDB Connection: Ensure the
MONGO_URIis correctly set in your.envfile or AWS Lambda environment variables. - Serverless Framework: Install globally if not installed:
npm install -g serverless - Linting: The project uses ESLint for code quality. Run:
before deployment to check for issues.
npx eslint .
This project is licensed under the MIT License - see the LICENSE file for details.
Ayush Pandey | Contact: ayushpandey.cs@gmail.com 📧
LinkedIn: Ayush Pandey 🔗