Revique Portal Infrastructure
Documentation

Complete CI/CD Pipeline & AWS Infrastructure Guide

Project
Revique Portal (Frontend)
Environments
UAT · Production
Source Control
Bitbucket
Cloud Provider
AWS (us-east-2)
Date
April 2026
Table of Contents
01

Architecture Overview

BOTH ENVS

The Revique Portal uses a fully automated CI/CD pipeline. Developers push code to Bitbucket, which automatically mirrors the code to AWS CodeCommit. AWS CodePipeline then detects the change, builds the application using CodeBuild, and deploys the output to an S3 bucket served via CloudFront with HTTPS.

💻
Developer
Push
🪣
Bitbucket
Repo
📦
AWS
CodeCommit
🔨
AWS
CodeBuild
🪣
S3
Bucket
🌐
CloudFront
CDN
Live
Website
ℹ️ Auto-Trigger: AWS EventBridge monitors CodeCommit for branch updates and automatically starts CodePipeline — no manual intervention needed.
02

AWS Account Structure

ACCOUNTS
🟣
UAT Account
hptuat
559832164745
Profile Namehptuat
Regionus-east-2 (Ohio)
CodeCommit RepoPortal-UAT-Revique
Branchuat_v2
Domainportal.uat.revique.io
🔴
Production Account
hptprod
501304965564
Profile Namehptprod
Regionus-east-2 (Ohio)
CodeCommit RepoPortal-Prod-Revique
Branchmaster_v2
Domainportal.revique.io

Local AWS CLI Configuration

~/.aws/config 
# UAT Account
[profile hptuat]
region = us-east-2
output = json

# Production Account
[profile hptprod]
region = us-east-2
output = json
03

UAT Environment

UAT ONLY

Complete UAT Infrastructure

Component Name / Value Details
AWS Account ID 559832164745 hptuat profile
CodeCommit Repo Portal-UAT-Revique Source repository in AWS
Branch uat_v2 Triggers pipeline on push
CodeBuild Project revique-ui-uat-build-project Builds React app
CodePipeline revique-ui-uat Orchestrates Source→Build→Deploy
Artifact S3 Bucket codepipeline-us-east-2-76a8443243b5-479b-bb96-e72bad77cef8 Pipeline artifacts storage
Deploy S3 Bucket portal.uat.revique.io Static website hosting
CloudFront Distribution ET8GOKRBFDTA0 dif5t4g0qtm.cloudfront.net
SSL Certificate ACM (us-east-1) portal.uat.revique.io — ISSUED
Live URL https://portal.uat.revique.io Public HTTPS URL
API Backend api.uat.hellopatients.com API Gateway → Lambda
API Gateway ID e5vhce1xnb Stage: v1
EventBridge Rule Portal-UAT-CodeCommit-Trigger Auto-triggers pipeline on push
CodePipeline Role AWSCodePipelineServiceRole-us-east-2-Portal-UAT-Pipeline IAM role for pipeline
CodeBuild Role codebuild-Portal-UAT-Build-service-role IAM role for build

UAT Environment Variables (.env.uat)

.env.uat 
VITE_AI_BASE_URL=https://sleepy-basin-33614-067a01f695d7.herokuapp.com
VITE_BASE_URL=https://api.uat.hellopatients.com
VITE_IOT_ENDPOINT=a1us6xreawsz2f-ats.iot.us-east-2.amazonaws.com
VITE_REGION=us-east-2

UAT Pipeline Stages

📂
Source
CodeCommit
🔨
Build
CodeBuild
🚀
Deploy
Amazon S3
No Manual Approval Required for UAT. Every push to uat_v2 branch automatically goes through Source → Build → Deploy without any manual intervention.
04

Production Environment

PROD ONLY

Complete Production Infrastructure

Component Name / Value Details
AWS Account ID 501304965564 hptprod profile
CodeCommit Repo Portal-Prod-Revique Source repository in AWS
Branch master_v2 Triggers pipeline on push
CodeBuild Project revique-ui-prod-build-project Builds React app
CodePipeline revique-ui-prod Orchestrates Source→Build→Approve→Deploy
Artifact S3 Bucket codepipeline-us-east-2-portal-prod-revique Pipeline artifacts storage
Deploy S3 Bucket portal.revique.io Static website hosting
CloudFront Distribution E3R4LE4GIAWP98 d35mar8e2zsmt8.cloudfront.net
SSL Certificate ACM (us-east-1) portal.revique.io — ISSUED
Live URL https://portal.revique.io Public HTTPS URL
API Backend api.hellopatients.com Production API
EventBridge Rule Portal-Prod-CodeCommit-Trigger Auto-triggers pipeline on push
Manual Approval ✅ ENABLED Required before Deploy stage
CodePipeline Role AWSCodePipelineServiceRole-us-east-2-Portal-Prod-Pipeline IAM role for pipeline
CodeBuild Role codebuild-Portal-Prod-Build-service-role IAM role for build

Production Environment Variables (.env.prod)

.env.prod 
VITE_AI_BASE_URL=https://sleepy-basin-33614-067a01f695d7.herokuapp.com
VITE_BASE_URL=https://api.hellopatients.com
VITE_IOT_ENDPOINT=a1us6xreawsz2f-ats.iot.us-east-2.amazonaws.com
VITE_REGION=us-east-2

Production Pipeline Stages (With Manual Approval)

📂
Source
CodeCommit
🔨
Build
CodeBuild
⏸️
Manual
Approval
🚀
Deploy
Amazon S3
⚠️ Manual Approval Required for Production! After Build completes, someone must go to AWS Console → CodePipeline → revique-ui-prod → Click "Review" → Click "Approve" before the Deploy stage runs.

How to Approve Production Deployment

  • 1Go to AWS Console → CodePipeline → revique-ui-prod
  • 2Wait for Build stage to complete (green checkmark)
  • 3In the Approve stage, click "Review" button
  • 4Add a comment (optional) and click "Approve"
  • 5Deploy stage will automatically start
  • 6Verify on https://portal.revique.io
05

Bitbucket Pipeline Configuration

BOTH ENVS

Repository Variables Required

Variable NameValueSecuredPurpose
SSH_KEY_ID APKAUIBIW26KCTYJAAWQ NO IAM SSH Key ID for CodeCommit authentication
BITBUCKET_SSH_KEY_FILE (auto-provided by Bitbucket) YES SSH private key file path

Complete bitbucket-pipelines.yml

bitbucket-pipelines.yml 
image: atlassian/default-image:2
pipelines:
  branches:
    # ── HPTUI-2.0 Branches (hptdev account) ──
    master:
      - step:
          name: Push to CodeCommit (master)
          script:
            - git fetch --unshallow
            - echo "Host git-codecommit.*.amazonaws.com" >> ~/.ssh/config
            - echo "  User $SSH_KEY_ID" >> ~/.ssh/config
            - echo "  IdentityFile $BITBUCKET_SSH_KEY_FILE" >> ~/.ssh/config
            - git remote add codecommit ssh://git-codecommit.us-east-2.amazonaws.com/v1/repos/HPTUI-2.0
            - git push codecommit ${BITBUCKET_BRANCH}
    master_v2:
      - step:
          name: Push to CodeCommit (master_v2 → PROD)
          script:
            - git fetch --unshallow
            - echo "Host git-codecommit.*.amazonaws.com" >> ~/.ssh/config
            - echo "  User $SSH_KEY_ID" >> ~/.ssh/config
            - echo "  IdentityFile $BITBUCKET_SSH_KEY_FILE" >> ~/.ssh/config
            - git remote add codecommit ssh://git-codecommit.us-east-2.amazonaws.com/v1/repos/Portal-Prod-Revique
            - git push codecommit ${BITBUCKET_BRANCH}
    uat_v2:
      - step:
          name: Push to CodeCommit (uat_v2 → UAT)
          script:
            - git fetch --unshallow
            - echo "Host git-codecommit.*.amazonaws.com" >> ~/.ssh/config
            - echo "  User $SSH_KEY_ID" >> ~/.ssh/config
            - echo "  IdentityFile $BITBUCKET_SSH_KEY_FILE" >> ~/.ssh/config
            - git remote add codecommit ssh://git-codecommit.us-east-2.amazonaws.com/v1/repos/Portal-UAT-Revique
            - git push codecommit ${BITBUCKET_BRANCH}

Branch to Environment Mapping

Bitbucket BranchCodeCommit RepoAWS AccountEnvironment
uat_v2 Portal-UAT-Revique hptuat (559832164745) UAT
master_v2 Portal-Prod-Revique hptprod (501304965564) PRODUCTION
06

Complete CI/CD Flow

BOTH ENVS
🟣
UAT Flow
  • 1Developer pushes to uat_v2 branch on Bitbucket
  • 2Bitbucket Pipeline triggers automatically
  • 3Pipeline runs git fetch --unshallow
  • 4Code pushed to Portal-UAT-Revique CodeCommit
  • 5EventBridge detects CodeCommit update
  • 6CodePipeline revique-ui-uat starts
  • 7CodeBuild runs buildspec.yml
  • 8Runs npm install && npm run builduat
  • 9Deploys dist/ to portal.uat.revique.io S3
  • Live at https://portal.uat.revique.io
🔴
Production Flow
  • 1Developer pushes to master_v2 branch on Bitbucket
  • 2Bitbucket Pipeline triggers automatically
  • 3Pipeline runs git fetch --unshallow
  • 4Code pushed to Portal-Prod-Revique CodeCommit
  • 5EventBridge detects CodeCommit update
  • 6CodePipeline revique-ui-prod starts
  • 7CodeBuild runs buildspec.yml
  • 8Runs npm install && npm run buildprod
  • ⏸️PAUSES for Manual Approval!
  • 9Approver clicks Approve in AWS Console
  • 10Deploys dist/ to portal.revique.io S3
  • Live at https://portal.revique.io
07

BuildSpec Configuration

BOTH ENVS
🟣
buildspec.yml (UAT)
yaml
version: 0.2

phases:
  pre_build:
    commands:
      - node -v
      - npm -v
      - rm -Rf node_modules/
      - npm install
  build:
    commands:
      - echo "Building for $ENV"
      - "npm run build$ENV"

artifacts:
  files:
    - '**/*'
  discard-paths: no
  base-directory: dist
🔴
buildspec.yml (PROD)
yaml
version: 0.2

phases:
  pre_build:
    commands:
      - node -v
      - npm -v
      - rm -Rf node_modules/
      - npm install
  build:
    commands:
      - echo "Building for $ENV"
      - "npm run build$ENV"

artifacts:
  files:
    - '**/*'
  discard-paths: no
  base-directory: dist

Build Commands Explanation

CommandWhat it does
cp .env.uat .envCopies UAT env vars as the active .env file
cp .env.prod .env.productionCopies Prod env vars overriding .env.production
npm run builduatVite builds using .env + .env.uat files
npm run buildprodVite builds using .env + .env.production files
base-directory: distOnly the dist/ folder is uploaded to S3
08

Domain & SSL Setup

GODADDY + AWS

GoDaddy DNS Records

TypeNameValueEnvironment
CNAME portal.uat dif5t4g0qtm.cloudfront.net UAT
CNAME portal d35mar8e2zsmt8.cloudfront.net PROD

SSL Certificates (AWS ACM)

DomainCertificate ARNRegionStatus
portal.uat.revique.io arn:aws:acm:us-east-1:559832164745:certificate/d1a08201... us-east-1 ISSUED
portal.revique.io arn:aws:acm:us-east-1:501304965564:certificate/9fd1c034... us-east-1 ISSUED
ℹ️ Important: SSL Certificates MUST be in us-east-1 region for CloudFront to use them, even though all other resources are in us-east-2.

CloudFront Distributions

Distribution IDDomainOrigin (S3)Environment
ET8GOKRBFDTA0 dif5t4g0qtm.cloudfront.net portal.uat.revique.io.s3-website.us-east-2.amazonaws.com UAT
E3R4LE4GIAWP98 d35mar8e2zsmt8.cloudfront.net portal.revique.io.s3-website.us-east-2.amazonaws.com PROD
09

Developer Checklist

DEVELOPERS
🟣
Deploy to UAT
  • Make your code changes locally
  • Test locally with npm run builduat
  • Commit your changes
  • Push to uat_v2 branch on Bitbucket
  • Bitbucket pipeline will auto-trigger
  • Wait ~3-5 mins for build to complete
  • Check https://portal.uat.revique.io
✅ No manual steps required!
🔴
Deploy to Production
  • Ensure code is tested on UAT first
  • Commit your changes
  • Push to master_v2 branch on Bitbucket
  • Bitbucket pipeline will auto-trigger
  • Wait for Build stage to complete
  • ⏸️Go to AWS Console → CodePipeline
  • ⏸️Click Review → Approve
  • Wait ~2 mins for deploy
  • Check https://portal.revique.io
⚠️ Manual approval required before deploy!

Quick Reference Commands

CLI Reference 
# Check UAT Pipeline Status
aws codepipeline get-pipeline-state --name revique-ui-uat --profile hptuat

# Manually Trigger UAT Pipeline
aws codepipeline start-pipeline-execution --name revique-ui-uat --profile hptuat

# Check PROD Pipeline Status
aws codepipeline get-pipeline-state --name revique-ui-prod --profile hptprod

# Manually Trigger PROD Pipeline
aws codepipeline start-pipeline-execution --name revique-ui-prod --profile hptprod

# Get Approval Token for PROD
aws codepipeline get-pipeline-state \
  --name revique-ui-prod --profile hptprod \
  --query 'stageStates[?stageName==`Approve`].actionStates[0].latestExecution.token' \
  --output text

# Approve PROD Deployment via CLI
aws codepipeline put-approval-result \
  --pipeline-name revique-ui-prod \
  --stage-name Approve \
  --action-name ManualApproval \
  --result '{"summary":"Approved","status":"Approved"}' \
  --token YOUR_TOKEN \
  --profile hptprod

Troubleshooting

IssueCauseFix
Bitbucket pipeline fails SSH key issue Check SSH_KEY_ID variable in Bitbucket settings
CodeBuild fails Missing permissions Check CodeBuild IAM role permissions
Deploy fails — S3 Access Denied CodePipeline role missing S3 permissions Add S3PutObject permission to pipeline role
Pipeline not auto-triggering EventBridge rule not configured Check EventBridge rule and target role
Wrong API URL in build .env file not copied correctly in buildspec Verify cp command in buildspec.yml pre_build
Site shows old content CloudFront cache Create CloudFront invalidation: /*