GraV-IT
← All work

2019 · Lead developer · Oct 2019 – Apr 2026

SignerX Infrastructure

For SignerX

Inherited a struggling deployment pipeline at SignerX in 2019; turned it into a blue/green CI/CD with symlink-based zero-downtime swaps, queue-aware deploys, and dual rollback paths — then right-sized the underlying infrastructure to match a still-in-build-mode operation. Saved roughly $40,000 a year with no service loss, and bought enough runway for the platform to grow past 2,000 users before any of those decisions had to change.

Stack
GitHub Actions Cloudways Wasabi Docker Compose Laravel Horizon MySQL Bash

The brief

Same era as the SignerX API engagement. The infrastructure side started as a maintenance assist — the team had a DevOps consultant who was less available than the operation needed, and the deployment pipeline kept falling apart. I stepped in to stabilize it.

What I found upstream was a bigger problem: the platform was spending like a company that had reached scale, but SignerX was still in build mode, without a paying customer base to justify any of it. So what started as adjusting the blue/green deploys grew into a full infrastructure right-sizing — same uptime, same reliability, but dramatically less spend, and a runway long enough to grow into real customers before any of those decisions had to be revisited.

What I shaped

A blue/green deployment pipeline with first-class rollback. GitHub Actions deploys each commit into a timestamped directory under VERSION_STORAGE/{sha}, runs migrations there, then swaps a symlink to make the new version live. Horizon (the Laravel queue worker) halts gracefully, the symlink flips, Horizon restarts. A /healthcheck endpoint validates the deployed SHA matches expected before the deploy is marked successful. Two rollback paths exist as first-class concerns — a reusable Revert.yml workflow callable from anywhere via workflow_call, and a manual-trigger workflow that lets an operator target a specific commit or “previous” through a dropdown. Rollback isn’t a panic move; it’s just another button.

A test gate on every PR. A separate PR-Tests.yml workflow spins up MySQL 8.0, Redis 7.0, and the document-processing dependencies the API actually uses (ImageMagick, Ghostscript, FFmpeg), then runs the full Laravel feature suite. No merges without green. Failed-run logs upload as artifacts so debugging doesn’t require re-running the pipeline.

Modernization, version by version. When I came on, the CI ran on PHP 7.4 and MySQL 5.7. By the time I left, it was PHP 8.1, MySQL 8.0, Redis 7.0 — done incrementally so the team never lost a deploy day to a half-finished migration. The retired .bak workflows in the repo are the artifact of that.

Right-sizing for build mode. The platform was running like it had real load when it was still pre-customer. A move to Cloudways managed hosting (and away from a raw cloud deploy that nobody had time to maintain) plus a switch from AWS S3 to Wasabi for object storage collapsed the storage bill from $150/month to $7/month. Hosting came down from $1,500 to $500. The over-provisioned SaaS infrastructure stack came down from $3,000 to $600. About $40,000 a year saved, no service loss, and the runway from that carried the platform past the 2,000-user threshold before any of these decisions had to be revisited.

What’s notable about it

The right-sizing call was a judgment one — would the team scale the spend back up quickly when customers showed up? The answer turned out to be yes, and the savings extended the runway long enough for that question to become moot. The pipeline survived too — the same Deployments.yml and Revert.yml shipped six years of code with rollback as a first-class option rather than an emergency procedure.