Node.js CI/CD Pipelines — From Express to Production Without the Pain

Node.js applications often start simple — a single server.js file — but quickly grow into complex services with database connections, background workers, cron jobs, and WebSocket handlers. The deployment story has to evolve with the application, and most teams fall behind.

Database migrations are the number one source of deployment failures in Node.js apps. Whether you use Prisma, Knex, TypeORM, or raw SQL migrations, your pipeline must run migrations before the new code starts accepting traffic. Running them manually is a recipe for forgotten migrations and production outages.

Node.js's single-threaded nature means graceful shutdown handling is critical. Your pipeline needs to send SIGTERM, wait for in-flight requests to complete, close database connections, and only then terminate the process. Without this, deployments cause dropped requests and broken WebSocket connections.

We build a multi-stage Docker pipeline. The build stage installs dependencies with npm ci (using lockfile for deterministic installs), compiles TypeScript if applicable, and prunes dev dependencies. The production image uses node:20-alpine with a non-root user, producing images typically under 100 MB.

Testing runs in a Docker Compose environment that spins up your database (PostgreSQL, MongoDB, Redis) as service containers. Jest or Mocha tests run against real database instances, not mocks, giving you confidence that queries and migrations work correctly. We configure test parallelization and use --forceExit to prevent hanging test suites from blocking the pipeline.

Deployment uses a rolling update strategy with health check validation. The pipeline runs database migrations as a pre-deploy job, waits for confirmation, then rolls out the new version. If health checks fail within the first 60 seconds, an automatic rollback triggers. We also configure log aggregation so you can see exactly what happened during a failed deployment.

A production-ready CI/CD pipeline for your Node.js service:

• Optimized Docker image — multi-stage build, non-root user, under 100 MB
• Test pipeline — unit and integration tests against real database services in CI
• Database migrations — automated pre-deploy migration runs with rollback support
• Zero-downtime deployment — rolling updates with health check validation
• Graceful shutdown — proper SIGTERM handling configured and tested
• Secret management — environment variables injected securely, never baked into images
• Monitoring hooks — deploy events sent to your APM (Datadog, New Relic, etc.)

Always use npm ci instead of npm install in your pipeline. The ci command uses the lockfile exactly, deletes node_modules first, and is faster. This prevents the "works on my machine" problem where your local node_modules has packages that are not in the lockfile.

Pin your Node.js version explicitly. Use an .nvmrc file and reference it in both your Dockerfile and CI workflow. Node.js minor versions can introduce behavioral changes (especially in the fetch API and crypto module) that break production code silently.