CI/CD
Continuous integration and deployment best practices
Best Practices
Trunk-Based Development Guidelines
Branching strategy promoting short-lived branches, frequent commits to trunk, and feature flags.
by Paul HammantSAFe Continuous Delivery Pipeline
Scaled Agile Framework’s model for continuous exploration, integration, deployment, and release on demand.
by Scaled Agile Inc.Continuous Integration Best Practices
A development practice where engineers merge code into a shared mainline many times a day, each merge verified by an automated build and test suite.
by Martin Fowler (ThoughtWorks)Continuous Delivery
A discipline where software is built so it can be released to production safely at any time, with every change proven release-ready by an automated pipeline.
by Jez Humble and David FarleyDeployment Pipeline Pattern
An automated, staged path that takes every code change from commit through build, tests, and successive environments, providing a single auditable route to production.
by Jez Humble and David FarleyPipeline as Code
Defining CI/CD pipelines in version-controlled configuration files stored alongside the application, so the delivery process is reviewable, reproducible, and auditable.
by Jenkins (CloudBees)Artifact Repository Management
The practice of storing, versioning, and governing build artifacts and dependencies in a dedicated repository so the same trusted binary is promoted from build to production.
by JFrogReproducible Builds
A set of practices ensuring a given source plus build environment always produces bit-for-bit identical binaries, so anyone can independently verify what shipped.
by Reproducible Builds ProjectMLOps Principles
The discipline of applying DevOps and engineering rigor to machine learning so models are built, deployed, monitored, and retrained reliably and reproducibly.
by GooglePerformance Budgets
A performance budget sets quantitative limits on metrics like page weight, request count, and load timings, enforced in development and CI to stop regressions.
by Google (web.dev)Flaky Test Management
A disciplined approach to detecting, quarantining, and fixing nondeterministic tests so CI signal stays trustworthy and developers keep merging.
by Google Testing BlogCode Coverage Best Practices
Guidance on using code coverage as a signal of untested code rather than a target, including diff coverage and avoiding coverage gaming.
by Google Testing BlogStatic Application Security Testing in CI
Integrating SAST tools into the CI pipeline to scan source code for security vulnerabilities automatically on every change.
by OWASPProducts & Technologies
Argo CD
Declarative GitOps continuous delivery for Kubernetes
Flux CD
GitOps toolkit for Kubernetes
Jenkins
Open source automation server for CI/CD
GitHub Actions
CI/CD platform integrated with GitHub
GitLab CI/CD
Built-in CI/CD for GitLab
CircleCI
Cloud-based CI/CD platform
Tutorials
How to build a GitHub Actions pipeline for a web app
Create a complete GitHub Actions workflow that lints, tests, and builds an application on every push and pull request.
How to set up a GitLab CI/CD pipeline
Configure a .gitlab-ci.yml pipeline with stages for testing, building, and deploying using GitLab runners.
How to create a reusable GitHub Actions workflow
Build a callable workflow with inputs and secrets so multiple repositories share one tested CI definition.
How to run matrix builds in CI
Use a build matrix to test your code across multiple language versions and operating systems in parallel.
How to speed up CI builds with caching
Cache dependencies and build outputs in CI to cut pipeline time, with correct cache keys and invalidation.
How to publish a Docker image to a registry from CI
Build a Docker image in CI and push it to a container registry with proper tags and authentication.
How to automate versioning and releases with semantic-release
Use semantic-release and Conventional Commits to automatically determine versions, tag releases, and publish from CI.
How to build an environment promotion pipeline
Promote a single build artifact through dev, staging, and production with gated approvals instead of rebuilding per stage.
How to manage secrets securely in CI pipelines
Store, inject, and mask secrets in CI without leaking them, using scoped credentials and short-lived tokens.
How to automate dependency updates in CI
Configure automated dependency update pull requests with grouping, scheduling, and auto-merge for safe updates.
How to set up a CircleCI pipeline with workflows
Configure a CircleCI pipeline using jobs, workflows, and orbs to test and deploy an application.
Checklists
CI/CD Pipeline Review Checklist
A structured review of a continuous integration and delivery pipeline for correctness, speed, security, and reproducibility.
FAQs
What is CI/CD?
CI/CD stands for Continuous Integration and Continuous Delivery (or Deployment). Continuous Integration means developers merge code into a shared branch frequently, with each merge triggering an automated build and test run to catch problems early. Continuous Delivery extends this by automatically preparing every validated change for release, while Continuous Deployment goes one step further and pushes passing changes to production with no manual gate. Together they shorten feedback loops and make releases smaller, safer, and more frequent.
Benchmarks
Build-Time Benchmark
Measures how long it takes to compile and package software, a key developer-productivity and CI-cost metric across clean, incremental, and cached builds.