Skip to content
PersonalNotes

Continuous Integration & Continous Deployment (CI/CD)

Continuous Integration (CI):

  • Practice of frequently integrating code into a shared repository.
  • Automated tests verify each integration, catching issues early.
  • Tools: Jenkins, GitHub Actions, CircleCI, GitLab CI.

Continuous Delivery & Continuous Deployment (CD):

  • Extends CI by automating deployment to staging/production-like environments.
  • Ensures software is always in a deployable state.
  • Further automates delivery by deploying code to production after passing all tests.
  • Requires high confidence in tests and monitoring.

Usual CI/CD Pipeline Phases

  • Source Control: Trigger pipelines on code changes.
  • Build: Compile and create deployable artifacts.
  • Lint: Static code checking for styling, common code smells and security issues.
  • Test: Run automated test suites.
  • Release: Prepare artifacts for deployment.
  • Deploy: Roll out to staging or production.
  • Monitor: Continuously observe system health.

Deployment Strategies

StrategyDowntimeRollback EaseCostComplexityRisk
RecreateHighDifficultLowLowHigh
RollingNoneMediumMediumMediumMedium
Blue/GreenNoneEasyHighMediumLow
CanaryNoneEasyMediumHighLow
Feature TogglesNoneEasyLowHighLow
A/B TestingNoneDifficultMediumHighMedium
Shadow DeploymentNoneN/AHighMediumLow
Progressive DeliveryNoneEasyMediumHighLow

Recreate Deployment (All-at-Once)

Stop the current version of the application and replace it entirely with the new version.

Pros:

  • Simple to implement.
  • Minimal resource requirements.

Cons:

  • Complete downtime during deployment.
  • Risky as rollback requires re-deployment.

Use Case:

  • Non-critical applications where downtime is acceptable.

Rolling Deployment

Gradually replace old instances with new ones, one or a few at a time.

Pros:

  • No downtime if executed correctly.
  • Gradual release reduces risk of catastrophic failure.

Cons:

  • Slower deployment process.
  • Requires load balancer configuration to ensure traffic is routed correctly.

Use Case:

Services requiring high availability with minimal disruption.

Blue/Green Deployment

Deploy the new version (Green) alongside the current version (Blue), then switch traffic to the new version.

Pros:

  • Minimal downtime or disruption.
  • Simple rollback to the previous version (just redirect traffic).

Cons:

  • Requires double the infrastructure during deployment.
  • More expensive due to resource duplication.

Use Case:

Critical applications requiring minimal downtime and quick rollback.

Canary Deployment

Roll out the new version to a small subset of users, monitor performance, and gradually increase rollout.

Pros:

  • Controlled and gradual exposure minimizes risk.
  • Easy to monitor and adjust deployment.

Cons:

  • Requires advanced monitoring and traffic control tools.
  • Complexity in managing user groups and rollout phases.

Use Case:

Applications with diverse user bases and varying usage patterns.

Feature Toggles (Flag-based Deployment)

Deploy new features but control their activation via feature flags, allowing a switch between old and new behavior without redeploying.

Pros:

  • Decouples deployment from release.
  • Enables A/B testing and phased rollouts.

Cons:

  • Adds code complexity (flag management).
  • Risk of untested flag conditions in production.

Use Case:

Gradual feature introduction without full deployment.

A/B Testing Deployment

Deploy two versions of the application and divide traffic between them to measure performance.

Pros:

  • Allows comparison of feature impact.
  • Data-driven decision-making for features.

Cons:

  • Requires robust traffic segmentation and monitoring.
  • Only suitable for frontend or user-experience testing.

Use Case:

Testing different UI/UX designs or product changes.

Shadow Deployment

Send a copy of live user traffic to the new version for testing without exposing it to users.

Pros:

  • Real-world traffic testing without affecting users.
  • Useful for validating performance and compatibility.

Cons:

  • Requires infrastructure to handle duplicate traffic.
  • No real user feedback since it is not exposed.

Use Case:

Performance or load testing before full deployment.

Progressive Delivery

Combines canary deployment and feature flags to incrementally deliver updates.

Pros:

  • Highly flexible and controlled rollouts.
  • Allows rollback at any stage.

Cons:

  • Complex to manage and monitor.
  • Requires a mature CI/CD pipeline.

Use Case:

Large-scale applications with diverse use cases and significant risk of failure.

Blue/Green with Canary

Deploy new version in a green environment, then gradually roll out traffic using canary principles.

Pros:

  • Combines the safety of blue/green with the control of canary.
  • Simplifies rollback.

Cons:

  • Expensive due to double infrastructure.
  • Requires sophisticated traffic routing.

Use Case:

Critical, large-scale deployments where high availability and safety are priorities.

Pipeline Best Practices

Modular Pipelines

  • Break pipelines into reusable and composable steps.
  • Use parameterized templates for common tasks (e.g., linting, testing).
  • Example: A separate build module that can be reused across multiple pipelines.

Version-Controlled Pipelines

  • Store pipeline definitions as code (Pipeline-as-Code).
  • Version control ensures reproducibility and collaboration.
  • Tools: YAML configurations (GitHub Actions, GitLab CI).

Minimize Pipeline Runtime

  • Use caching to avoid redundant builds or tests (e.g., caching dependencies, Docker layers).
  • Parallelize steps where possible (e.g., test parallelization).
  • Trigger pipelines only when necessary (e.g., path-based triggers).

Fail Fast

Fail early in the pipeline to avoid wasting resources. Run lightweight checks (e.g., linters, syntax validators) before heavy tasks (e.g., integration tests).

Ensure Idempotency

Each step should produce the same outcome regardless of how often it’s executed. Avoid stateful dependencies or external systems without proper mocks.

Secure Pipelines

Never hardcode secrets; use secret management tools (e.g., Vault, AWS Secrets Manager). Regularly review access permissions for pipeline execution and secrets.

Comprehensive Testing

Include unit, integration, and end-to-end tests. Incorporate security and performance tests to catch non-functional issues.

Environment Consistency

Use containers to ensure build/test environments are consistent across developers, CI, and production. Tools: Docker, Kubernetes.

Optimize Build Artifacts

Use artifact repositories (e.g., JFrog Artifactory, Nexus) to store build outputs. Enable reproducible builds by versioning artifacts.

Use Metrics and KPIs

Track metrics like build duration, failure rate, deployment frequency, and mean time to recovery (MTTR). Use insights to iteratively improve pipeline efficiency.