Software Delivery Pipeline. CI/CD

1. Introduction
2. CI/CD Continuous Integration and Continuous Delivery
3. CI/CD Pipelines With Kubernetes
4. Observability
5. Code Review
6. Security in CI/CD
7. Progressive Delivery
8. Deployment Strategies
9. Pipeline Patterns
10. CI/CD with Kubernetes
11. CI/CD with OpenShift
12. CI/CD with AWS
13. Reports on the Enterprise CI/CD Market
14. Tools
15. Awesome Lists
16. Images
17. Videos
18. Tweets

Introduction

• The 12-Factor App: An Updated Guide - (Related to introduction topic)

• opensource.com: What is CI/CD?

• Wikipedia.org: DevOps
• Wikipedia.org: Continuous Integration
• Wikipedia.org: Continuous Delivery
• martinfowler.com: Continuous Integration (original version)

CI/CD Continuous Integration and Continuous Delivery

• DZone: Continuous Integration: Servers and Tools Learning to Utilize DevOps with Servers and Tools
• sdtimes.com: CI/CD pipelines are expanding 🌟 The “basic” CI/CD pipeline includes five processes, which are: merge, build, test, package and deploy. All of these are individually defined so readers have a common reference point. The basic pipeline includes sub-pipelines associated with each step, such as moving artifacts from a build into a repository.
• devopsonline.co.uk: ChatOps, DevOps, ScrumOps and 5 Other Ops religions
• opensource.com: A beginner’s guide to building DevOps pipelines with open source tools If you’re new to DevOps, check out this five-step process for building your first pipeline.
• acloud.guru: How youtr org predicts your CI/CD pipeline
• dev.to: CI/CD Continuous Integration & Delivery Explained 🌟🌟
• mindtheproduct.com: The Product Managers’ Guide to Continuous Delivery and DevOps 🌟🌟
• tech.buzzfeed.com: Continuous Deployments at BuzzFeed
• Dzone refcard: Continuous Delivery - Patterns and Anti-Patterns in the Software Lifecycle 🌟
• infoworld.com: What is CI/CD? Continuous integration and continuous delivery explained The CI/CD pipeline is one of the best practices for devops teams to implement, for delivering code changes more frequently and reliably
• devops.com: How to Implement an Effective CI/CD Pipeline
• ammeon.com: 5 Tips For Building A CI/CD Pipeline
• medium: What is CI/CD Pipeline in DevOps? 🌟🌟 Understanding the Importance of CI/CD Pipeline.
• aws.amazon.com: Automating safe, hands-off deployments 🌟🌟
• techuz.com: What is CI/CD? An Introduction to Continuous Integration, Continuous Deployment and CI/CD Pipeline
• kodekloud.com: What is CI/CD Pipeline in DevOps CI/CD plays an important role in your DevOps implementation path. Here are some important things to consider while building a CI/CD pipeline:
  • Peer code review
  • Build in a containerized environment
  • Shorten the feedback loop
  • Do CI first
  • Compare efficiency
  • Insert security checkpoints in the pipeline
  • Implement an easy way to rollback
  • Proactively monitor your CD pipeline
• medium: How to build an efficient CI/CD pipeline 🌟🌟
• developers.redhat.com: The present and future of CI/CD with GitOps on Red Hat OpenShift
• CI/CD Best Practices 🌟
• harness.io: What is a CI/CD Platform and why should I care? 🌟
• harness.io: 3 Ways to Use Automation in CI/CD Pipelines
• cloudbees.com: 7 Tips for Creating A Successful CI/CD Pipeline 🌟
• javi-kata.medium.com: CI/CD the journey of a dummy team 🌟 This article tries to help people in how to achieve CI/CD starting from a feature branching model (gitflow).
• thinkinglabs.io: Feature Branching considered evil 🌟
• tripwire.com: Everything You Need to Know About CI/CD and Security
• harness.io: CI/CD Pipeline: Everything You Need to Know 🌟
• stackoverflow.blog: Fulfilling the promise of CI/CD 🌟 When people say “CI/CD,” they are only talking about continuous integration. Nobody is talking about (or practicing) continuous deployment. AT ALL. It’s like we have all forgotten it exists. It’s time to change that.
• Top 5 CI/CD best practices for 2021 🌟
• harness.io: What is Continuous Integration? 🌟
• cd.foundation: 2021 Technology Trends and Predictions
• opsmx.com: What is a CI/CD Pipeline ?
• continuousdelivery.com: Patterns 🌟
• devops.com: 7 Popular Open Source CI/CD Tools
• testguild.com: Pipeline as Code with Mohamed Labouardy
• harness.io: Understanding the Phases of the Software Development Life Cycle
• cloudbees.com: Key Components of a CI/CD Pipeline
• blog.thundra.io: Why a CI/CD Pipeline Makes Good Business Sense
• jfrog.com: Cloud Native CI/CD: The Ultimate Checklist
• jfrog.com: How to Accelerate Software Delivery with Hybrid Cloud CI/CD (e-commerce) 🌟
• harness.io: Streamlining CI/CD and Optimizing AWS Cloud Spend
• sdtimes.com: The State of CI/CD “A few years ago, CI/CD started off as a method to help continuous deployment, but that definition of CI/CD is long defunct. CI/CD now has QA and security elements to it. We may have seen people refer to the current trend as DevSecOps. In my mind, DevSecOps is changing to be Dev-Infra-Sec-Ops (infrastructure-as-a-service) and will soon be called “Dev-Infra-Sec-Analytics-Ops (including analytics-as-a-service). One day the trend of CI/CD will eventually lead to touchless software development and maintenance. We are on the brink of major efficiency shift in the industry now and AI/ML and LCNC [low code/no code] technologies are enabling this shift.”
• javacodegeeks.com: The Case Against CI/CD What’s the Point of CI/CD?
• thenewstack.io: Improve Dev Experience to Maximize the Business Value of CD
• community.dataminer.services: CI/CD and the Agile Principles
• medium: Automated Build and Deploy Pipelines for Kubernetes
• medium: Next Generation Kubernetes Deployments
• levelup.gitconnected.com: Basics of CI/CD
• techrepublic.com: CI/CD platforms: How to choose the right continuous integration and delivery system for your business
• stackoverflow.blog: Fulfilling the promise of CI/CD When people say “CI/CD,” they are only talking about continuous integration. Nobody is talking about (or practicing) continuous deployment. AT ALL. It’s like we have all forgotten it exists. It’s time to change that.
• speakerdeck.com: Deployment Scripting != Continuous Delivery
• lambdatest.com: Top 10 CI/CD Pipeline Implementation Challenges And Solutions
• devopsdigest.com: CI/CD Deployments: How to Expedite Across a Kubernetes Environment With DevOps Orchestration
• medium.com/softwareimprovementgroup: CI/CD best practices: How to set up your pipeline
• medium.com/dynatrace-engineering: How to combine and automate infrastructure and application deployment in a microservice environment A collection of best practices to improve your confidence in your deployed applications.
• thenewstack.io: 4 Best Practices to Drive Successful Adoption of CI/CD
• about.gitlab.com: How to keep up with CI/CD best practices
• harness.io: Modern Software Delivery Best Practices & Software Delivery Management
• linkedin pulse: Enabling CI/CD to Boost DevOps | Pavan Belagatti
• about.gitlab.com: How to learn CI/CD fast
• thenewstack.io: Are Monolith CI/CD Pipelines Killing Quality in Your Software? This creates complex challenges for developers trying to push commits with confidence and DevOps teams responsible for fine-tuning their pipelines.
• clickittech.com: CI/CD Best Practices: Top 10 Practices for Financial Services
• medium.com/@rifkikarimr: Continuous Integration and Continuous Deployment: Best Practices for DevOps 🌟 Explore the basics of CICD. What they’re, why they’re important, how to set up CI/CD pipeline, the best practices for CI/CD, and how to overcome common challenges
• guru99.com: CI/CD Pipeline: Learn with Example 🌟🌟🌟 CICD automates the process of app delivery. It builds code, runs tests, helps to safely deploy new version of the app. It reduces manual errors, provides feedback, and allows fast product iterations.
• dzone.com: How To Build an Effective CI/CD Pipeline This article leads you through an exploration of practical steps for creating pipelines that accelerate deployments.
• groundcover.com: Cloud-native CI/CD? Yeah, that’s a thing 🌟 Discover how leveraging CI/CD pipelines based on Kubernetes gives organizations improved control and more efficient management, allowing for faster recovery and replication of runtime environments.
• spacelift.io: Kubernetes CI/CD Pipelines – 7 Best Practices and Tools | James Walker 🌟 CICD pipelines enhance app delivery process by automating key stages like testing, security scanning, and deployment. Adopting pipeline-based workflow helps to ship more quickly.
• thenewstack.io: Embracing Database Deployments in CI/CD Practices with Git Databases have not been well integrated into the CI/CD tooling landscape, but applying git-like concepts can help.
• hart-michael.medium.com: Why You Need Continuous Deployment

CI/CD Pipelines With Kubernetes

• ArgoCon North America 2026 Call for Proposals - (Related to argo topic)
• Enhancing Infrastructure as Code Generation with GitHub Copilot for Azure - (Related to iac topic)

• Automating Kubernetes Deployments with Helm Charts - (Related to helm topic)

• dzone.com: An Overview of CI/CD Pipelines With Kubernetes Take a look at CI/CD approaches in a Kubernetes ecosystem, best practices for implementing an efficient CI/CD framework, and popular open-source CI/CD tools.

• thenewstack.io: Kubernetes CI/CD Pipelines Explained Building an effective CI/CD pipeline requires diligent technical analysis, a generous amount of planning and choosing the right set of tools.

Observability

• betanews.com: Overcoming observability challenges in the CI/CD Pipeline

Code Review

• Purposeful Commits - (Related to git topic)

• Automate Pull Request Descriptions in Azure DevOps with Azure OpenAI - This article details how to leverage Azure OpenAI’s large language models to automatically generate pull request descriptions in Azure DevOps. It outlines a process where Azure Pipelines, triggered by pull request creation, use Azure DevOps variables to interact with the Azure OpenAI API. The LLM summarizes code changes into natural language, which is then programmatically set as the pull request description via the Azure DevOps API. This aims to enhance developer experience by providing context without manual effort.

• developers.redhat.com: 10 tips for reviewing code you don’t like

Security in CI/CD

• Deploying to Azure: Secure Your GitHub Workflow with OIDC 🌟 - This blog post explains the benefits of using OpenID Connect (OIDC) for securing GitHub Actions workflows when deploying to Azure. It provides a step-by-step guide on setting up OIDC authentication using Azure CLI, including creating an Azure AD application with federated credentials, and demonstrates its implementation within a GitHub repository workflow. The article highlights how OIDC eliminates the need for long-lived secrets in GitHub, thus enhancing security and simplifying credential management.
• Securing Azure DevOps When Using Private Repositories - (Related to azure topic)
• Avoiding Mistakes with AWS OIDC Integration Conditions - (Related to aws-security topic)

• Update to Azure DevOps Allowed IP Addresses - (Related to azure topic)

• CI Checks Are Not Enough: Combat Configuration Drift in Kubernetes Resources

• devops.com: 8 Security Considerations for CI/CD

Progressive Delivery

• split.io: Progressive Delivery
• harness.io: Progressive Delivery: Everything You Need to Know
• weave.works: Progressively Delivering Applications Across Cloud and On-Premise. Using Kuma & GitOps to implement canary releasing

Deployment Strategies

• blog.container-solutions.com: Deployment Strategies 🌟
  • It really depends on the needs and budget. When releasing to development/staging environments, a recreate or ramped deployment is usually a good choice. When it comes to production, a ramped or blue/green deployment is usually a good fit, but proper testing of the new platform is necessary.
  • Blue/green and shadow strategies have more impact on the budget as it requires double resource capacity. If the application lacks in tests or if there is little confidence about the impact/stability of the software, then a canary, a/b testing or shadow release can be used. If your business requires testing of a new feature amongst a specific pool of users that can be filtered depending on some parameters like geolocation, language, operating system or browser features, then you may want to use the a/b testing technique.
  • Last but not least, a shadow release is complex and requires extra work to mock egress traffic which is mandatory when calling external dependencies with mutable actions (email, bank, etc.). However, this technique can be useful when migrating to a new database technology and use shadow traffic to monitor system performance under load.
• harness.io: Intro to Deployment Strategies: Blue-Green, Canary, and More 🌟
• medium: Continuous Kubernetes blue-green deployments on Azure using Nginx, AppGateway or TrafficManager — part 2
• gitconnected.com: Blue-Green with Canary Deployment — A Novel approach
• semaphoreci.com: Continuous Blue-Green Deployments With Kubernetes 🌟
• cd.foundation: Intro to Deployment Strategies: Blue-Green, Canary, and More 🌟
• opsmx.com: What is Blue Green Deployment ?
• devopslearners.com: Blue-Green vs Canary Deployment
• youtube: Kubernetes Deployment Strategies | DevOps FAQ | DevOps DevOps Interview Q&A

Pipeline Patterns

• Azure DevOps Terraform Pipeline (Complete Guide + YAML Examples) 🌟 - A comprehensive guide to building a production-ready Azure DevOps pipeline for Terraform, focusing on safety, reusability, security, and structure. It covers OIDC authentication, reusable templates, gated approvals, private module access, and dynamic state file naming, presenting a robust pattern beyond basic ‘plan and apply’ scripts.

• Kiro: Engineering Rigor for Agentic Development - (Related to ai-agents-mcp topic)

• harness.io: Pipeline Patterns for CI/CD Pipelines 🌟 Button Push Pattern, Test Automation Pattern, Full Approval Pattern.

CI/CD with Kubernetes

• Automating Microsoft Sentinel Deployment with Azure DevOps CI/CD - (Related to azure topic)

• Azure Landing Zone IaC Accelerator - (Related to iac topic)

• blog.sonatype.com: Achieving CI and CD With Kubernetes 🌟

• Devtron Labs: Devtron provides a ‘seamless,’ ‘implementation agnostic uniform interface’ across Kubernetes Life Cycle integrated with most Opensource and commercial tools
• thenewstack.io: 7 features that make kubernetes ideal for CI/CD
• thenewstack.io: CI/CD with kubernetes 🌟
• harness.io: Kubernetes CI/CD Best Practices With all of the benefits that Kubernetes has, having good CI/CD practices is key. Kubernetes did not magically erase the discipline that your CI/CD journey has taken you on before Kubernetes. Leverage Kubernetes’s strengths to further your CI/CD journey.

CI/CD with OpenShift

• developers.redhat.com: The present and future of CI/CD with GitOps on Red Hat OpenShift 🌟

CI/CD with AWS

• Cloud Posse runs-on: GitHub Actions Self-Hosted Runners - (Related to kubernetes-tools topic)
• RunsOn: Self-hosted GitHub Actions Runners in AWS 🌟 - RunsOn provides a self-hosted solution for GitHub Actions runners, allowing you to run them within your own AWS account. This enables significant cost savings (up to 90%) compared to GitHub-hosted runners and offers greater control over instance types (x64, ARM64, GPU) and configurations. It integrates seamlessly with existing workflow syntax and handles runner management, caching, networking, and observability.

• Install Java 23 in an Azure DevOps Pipeline - (Related to azure topic)

• mediatemple.net: Cloud-Native CI/CD Workflows in AWS: 3 Use Cases

• trek10.com: Enterprise CI/CD on AWS: a pragmatic approach How can we work within the constraints of a large organization to develop CI/CD flows that help us deploy applications quickly, safely, and accountably on AWS?

Reports on the Enterprise CI/CD Market

• GigaOm’s Radar for Enterprise CI/CD 🌟 is a must-see report for any DevOps enthusiast. The goal of an end-to-end Continuous Integration/Continuous Delivery (CI/CD) pipeline is to deliver software-based innovation and business value at both speed and scale. CI/CD plays a very important role in the company’s DevOps journey. Keeping several factors in mind, Gigaom has come up with it’sown research and presented who leads and who lags in the CI/CD market.

Tools

• Terraform Enterprise 2.0 - (Related to terraform topic)
• feat(ui): Add AppSet to Application Resource Tree in Argo CD - (Related to argo topic)
• Claude Code in Action - (Related to ai topic)
• Terraform & OpenTofu Skill for AI Agents - (Related to terraform topic)
• Draw.io MCP for Diagram Generation: Why It’s Worth Using - (Related to cloud-arch-diagrams topic)
• Buildbot - Buildbot is an open-source Python-based framework for automating software build, test, and release processes. It facilitates continuous integration and continuous delivery pipelines.
• PMEase QuickBuild - QuickBuild is a flexible continuous integration and continuous deployment (CI/CD) server designed for DevOps teams. It offers features like build promotion, integration with LDAP, and support for various build customization options. Version 16.0 includes updates for Java LTS, improved build subscriptions, artifact reservation, and API enhancements.
• FossFLOW - A CI/CD pipeline for GitHub projects using GitHub Actions, Argo CD for GitOps, and FluxCD.
• Canine: A Developer-friendly PaaS for Kubernetes - (Related to kubernetes-tools topic)
• Azure DevOps MCP Server - (Related to azure topic)
• Azure DevOps MCP Server Public Preview - (Related to ai topic)
• Best Practices for Using GitHub Copilot - (Related to ai topic)
• Programming with GitHub Copilot Agent Mode - (Related to ai topic)
• InfraCost + Terraform PRs: Making Cost Awareness Effortless - (Related to terraform topic)
• Automate Terraform Testing with Azure DevOps Pipelines - (Related to terraform topic)
• Google Launches Gemini Code Assist, Challenging GitHub Copilot with Generous Free Tier - (Related to ai topic)
• Back of the Napkin Guide to Updating Jenkins - (Related to jenkins topic)
• Terraform Module Releaser GitHub Action - (Related to iac topic)
• Gama: Terminal UI for GitHub Actions - Gama is a terminal-based user interface (TUI) tool that allows users to manage GitHub Actions workflows directly from their terminal. It enables listing, triggering, and managing workflows, with support for extended workflow inputs and workflow history.
• Migrating CI/CD from Jenkins to Argo Workflows 🌟 - This article from DEV Community details Intuit’s experience and considerations when migrating their CI/CD pipelines from Jenkins to Argo Workflows. It discusses the challenges of running Jenkins at scale on Kubernetes and explores how Argo Workflows can be used alongside Argo CD for cloud-native CI/CD. The post focuses on the CI aspect and provides insights into mapping Jenkins functionalities to Argo Workflows, with an example to illustrate the differences.
• Dependabot Version Updates in Azure DevOps - This article details how to integrate Dependabot-like functionality into Azure DevOps pipelines, allowing for automated dependency updates in repositories. It covers installing the ‘Dependabot’ extension from the Azure DevOps Marketplace and configuring a pipeline to run the task regularly, mimicking GitHub’s Dependabot behavior. The setup includes utilizing a dependabot.yml configuration file, similar to its GitHub counterpart, to define package ecosystems and update strategies.
• action-tmate: Debug GitHub Actions via SSH - This GitHub Action allows users to debug their GitHub Actions by providing SSH access to the runner system itself. It leverages tmate to establish a secure shell connection, enabling real-time interaction and inspection of the execution environment.

• GitHub Copilot Now Explains Failed Actions Jobs (GA) - GitHub’s Copilot can now assist users by explaining why an Actions job failed. This feature, now Generally Available, allows users to select ‘Explain Error’ from a failing check in the pull request merge box or on the Actions job page. Copilot analyzes the job and provides tailored guidance for resolution, consuming one chat message per use. This integration aims to streamline debugging and improve CI/CD workflows.

• plutora.com: Artifacts management tools

• cloudbees.com: Continuous Delivery Tools: The 5 You Absolutely Need to Know in 2021
• dzone: DevOps: CI/CD Tools to Watch Out for in 2022 CI/CD is an integral part of any successful DevOps team. This list includes the finest CI/CD tools currently available in the market.
• betterprogramming.pub: When Should You Self-Host CI Tools? | William Anderson How to decide whether you should self-host, go with a SaaS option, or bundle your choice of CI tool through a vendor

Awesome Lists

• Awesome CI/CD 🌟

Images

Click to expand!

Videos

Click to expand!

Tweets

Click to expand!

CI/CD is a must-know in DevOps.

Here's a dead simple guide to understanding it:

— Nikki Siapno (@NikkiSiapno) January 30, 2023

• GitBook Webinar: GitBook for Public Docs - Webinar sobre el uso de GitBook para la documentación pública, útil para equipos que gestionan documentación de proyectos de Kubernetes y Cloud Native.