CI/CD Patterns Skill
Purpose
Best practices for continuous integration and deployment pipelines.
Auto-Invoke Triggers
- •Setting up CI/CD pipelines
- •Configuring automated deployments
- •Implementing quality gates
- •Managing environments
Pipeline Stages
Standard Pipeline
code
Commit → Build → Test → Analyze → Deploy (Staging) → Deploy (Production)
Stage Responsibilities
| Stage | Purpose | Failure Action |
|---|---|---|
| Build | Compile, dependencies | Block pipeline |
| Unit Test | Fast tests | Block pipeline |
| Lint/Format | Code quality | Block pipeline |
| Integration Test | API/DB tests | Block pipeline |
| Security Scan | Vulnerabilities | Block or warn |
| Deploy Staging | Test environment | Block production |
| E2E Test | User flows | Block production |
| Deploy Production | Live release | Rollback ready |
Branch Strategy
Git Flow
| Branch | Purpose | Deploys To |
|---|---|---|
main | Production code | Production |
develop | Integration branch | Staging |
feature/* | New features | - |
hotfix/* | Emergency fixes | Production |
release/* | Release prep | Staging |
Trunk-Based Development
| Branch | Purpose | Deploys To |
|---|---|---|
main | All code | Staging → Production |
feature/* | Short-lived branches | Preview |
Quality Gates
Build Stage
- • Code compiles without errors
- • Dependencies resolve
- • Build artifacts created
Test Stage
- • Unit tests pass (100%)
- • Coverage threshold met (> 70%)
- • Integration tests pass
- • No test flakiness
Analysis Stage
- • No linting errors
- • No critical security issues
- • No new technical debt
Deploy Stage
- • Health checks pass
- • Smoke tests pass
- • No errors in logs
Environment Strategy
Environment Types
| Environment | Purpose | Data | Access |
|---|---|---|---|
| Development | Local testing | Fake | Developer |
| CI | Automated tests | Test | Pipeline |
| Staging | Pre-production | Sanitized | Team |
| Production | Live users | Real | Restricted |
Environment Parity
- •Keep environments as similar as possible
- •Use same database type
- •Use same infrastructure (scaled down)
- •Use environment variables for differences
Deployment Strategies
Blue-Green Deployment
- •Two identical environments (Blue/Green)
- •Deploy to inactive environment
- •Switch traffic after verification
- •Easy rollback (switch back)
Canary Deployment
- •Deploy to small percentage of users
- •Monitor errors and metrics
- •Gradually increase traffic
- •Full rollback if issues
Rolling Deployment
- •Update instances one at a time
- •No downtime
- •Mixed versions during deploy
- •Slower rollback
Strategy Selection
| Strategy | Use When |
|---|---|
| Blue-Green | Zero downtime critical, easy rollback needed |
| Canary | Risk mitigation, gradual rollout |
| Rolling | Resource constrained, stateless apps |
Secrets Management
Rules
- •Never commit secrets to git
- •Use environment-specific secrets
- •Rotate secrets regularly
- •Audit secret access
Secret Storage
| Tool | Use Case |
|---|---|
| GitHub Secrets | GitHub Actions |
| Azure Key Vault | Azure pipelines |
| AWS Secrets Manager | AWS deployments |
| HashiCorp Vault | Multi-cloud |
Artifact Management
Versioning
- •Use semantic versioning (MAJOR.MINOR.PATCH)
- •Tag releases in git
- •Include commit SHA in build metadata
- •Version artifacts consistently
Retention
| Artifact Type | Retention |
|---|---|
| Build logs | 30 days |
| Test results | 90 days |
| Release artifacts | 1 year |
| Docker images | 90 days |
Rollback Strategy
Automated Rollback Triggers
- •Health check failures
- •Error rate spike (> 5%)
- •Response time degradation
- •Memory/CPU threshold breach
Rollback Process
- •Detect failure (automated monitoring)
- •Trigger rollback (automated or manual)
- •Deploy previous version
- •Verify health
- •Investigate root cause
Rollback Requirements
- •Keep N-1 version deployable
- •Database migrations must be backward compatible
- •Feature flags for risky changes
- •Test rollback procedure regularly
Pipeline Optimization
Speed Improvements
- •Parallelize independent stages
- •Cache dependencies
- •Use incremental builds
- •Skip unchanged components
- •Use faster runners/agents
Target Times
| Stage | Target |
|---|---|
| Build | < 5 min |
| Unit tests | < 5 min |
| Integration tests | < 10 min |
| Full pipeline | < 30 min |
Notifications
When to Notify
| Event | Notify |
|---|---|
| Build failure | Author, Team |
| Deploy to staging | Team |
| Deploy to production | Team, Stakeholders |
| Rollback | Team, On-call |
Channels
- •Slack/Teams for team notifications
- •Email for stakeholders
- •PagerDuty for critical failures
Best Practices
DO
- •Fail fast (run quick checks first)
- •Use infrastructure as code
- •Version your pipeline configuration
- •Test pipeline changes in feature branches
- •Monitor pipeline metrics
- •Document deployment process
DON'T
- •Skip tests to save time
- •Deploy on Fridays
- •Deploy without monitoring
- •Ignore flaky tests
- •Manual production deploys
- •Store secrets in pipeline config
CI/CD Checklist
Pipeline Setup
- • Build stage configured
- • All test types included
- • Linting and formatting checks
- • Security scanning enabled
- • Deployment stages defined
Quality
- • Quality gates enforced
- • Coverage thresholds set
- • No secret in code
- • Artifacts versioned
Deployment
- • Staging environment exists
- • Rollback procedure tested
- • Health checks configured
- • Notifications set up
- • Monitoring in place