CI/CD pipelines & quality gates
Core details
CI (continuous integration) merges small changes often; each merge runs automated build + tests. CD is continuous delivery (always releasable) vs continuous deployment (auto to prod)—interviews want you to name which you mean.
Pipeline stages (typical)
commit → lint/types → unit tests → build image → integration/e2e (optional) →
security scan → push artifact → promote to env (dev/stage/prod)Quality gates: block merge or promotion on coverage floor, SAST findings severity, secret scan, SBOM policy, failed contract tests.
Idempotent deploys: same artifact version → same bits in prod; config via env/parameter store, not hand-edited servers.
Understanding
Fast feedback early (lint/unit in minutes); expensive tests batched or nightly if needed—but release path must have a clear green definition. Flaky tests erode trust; seniors quarantine or fix root cause.
Senior understanding
| Probe | Strong angle |
|---|---|
| “Monolith vs multi-service CI” | matrix builds, changed-path optimization, cache layers |
| “Who approves prod?” | environment protection, manual approval vs policy-as-code |
| “Rollback?” | previous artifact + DB migration strategy (expand–contract) |
Diagram
Loading diagram…
See also
Last updated on
Spotted something unclear or wrong on this page?