CI/CD Pipeline Design — From Commit to Production

Pipeline stages

1. Lint — code style and static analysis. Fast. Fail early.
2. Unit tests — isolated, no I/O. Should complete in under 2 minutes.
3. Build — compile, bundle, build container image.
4. Integration tests — against real dependencies (DB, cache) in a test environment.
5. Security scan — SAST, dependency vulnerability scan (Trivy, Snyk).
6. Deploy to staging — automatic on merge to main.
7. Deploy to production — automatic or gated by approval.

Keep it fast

• Parallelise independent stages.
• Cache dependencies (node_modules, pip packages, Maven .m2) between runs.
• Use test sharding for large test suites.
• Target: under 10 minutes from commit to staging deploy.

Deployment strategies

• Blue-green — two identical environments; switch traffic instantly. Zero downtime, instant rollback.
• Canary — route 5% of traffic to new version first. Validate metrics before full rollout.
• Rolling — replace instances one at a time. Simple but no instant rollback.