CI/CD Pipeline Decision Framework

A reference for CI/CD pipeline stages, environment promotion strategy, and deployment safety checks.

Syntax

environments-and-security
// Stage → Gate → Promote pattern

Example

environments-and-security
// Standard CI/CD pipeline stages
// PR opened → CI triggered automatically

// STAGE 1: Lint & Format
// - ESLint, Prettier, TypeScript check
// - Gate: fail on any error → block merge

// STAGE 2: Unit + Integration Tests
// - npm test (Vitest/Jest)
// - Coverage threshold (e.g., > 80%)
// - Gate: fail on test failure or coverage drop

// STAGE 3: Security Scan
// - npm audit (dependency vulnerabilities)
// - Snyk or GitHub CodeQL scan
// - Gate: fail on high/critical CVEs

// STAGE 4: Build
// - npm run build
// - Docker image build and tag
// - Gate: fail on build error

// STAGE 5: Deploy to Staging
// - Auto-deploy on merge to develop branch
// - Smoke tests run against staging URL
// - Gate: smoke test pass required

// STAGE 6: Deploy to Production
// - Manual approval OR auto-deploy on merge to main
// - Blue/green or rolling deployment
// - Post-deploy health check (/ returns 200)
// - Automatic rollback on health check failure

// Environment promotion rule:
// code → dev → staging → production
// NEVER skip staging for production deployments

// Zero-downtime deployment checklist:
// □ Database migrations are backward compatible
// □ Feature flags for breaking changes
// □ Rollback procedure documented and tested