CI/CD Fundamentals
1. What is CI/CD?
CI/CD Architecture Overview
```
CI/CD Pipeline Architecture

Developer --git push--> GitHub / GitLab --> Trigger Pipeline

CI (Continuous Integration)
  Trigger Pipeline
    -> Build Code (Maven, npm, Docker)
    -> Run Tests (Unit, Integration, Security)
         PASS -> CD (Continuous Deployment)
         FAIL -> Notify Team (Email/Slack)

CD (Continuous Deployment)
  Build Image (Docker, Container)
    -> Push to Registry (Docker Hub, ECR)
    -> Deploy to Environment (K8s, EC2, ECS)
    -> Monitor (Prometheus, Grafana, CloudWatch)
```
Continuous Integration (CI)
The process of automatically building, testing, and merging code whenever a developer pushes new commits to a shared repository.
Purpose:
- Detect errors early
- Prevent integration issues
- Maintain a deployable build
Example:
When a developer pushes to GitHub → pipeline runs tests → if all pass → merge to main.
Continuous Deployment (CD)
The process of automatically deploying your application after CI succeeds.
Purpose:
- Make delivery faster and more reliable
- Reduce manual steps in deployment
Example:
After CI success → code is built → Docker image created → pushed to Docker Hub → deployed automatically to Kubernetes or AWS EC2.
CI/CD together means:
Every code change automatically goes through:
Build → Test → Deploy → Monitor
2. CI/CD Pipeline Stages
Let's break it into phases:
| Stage | Description | Example Tool |
|---|---|---|
| Source | Developer pushes code | GitHub, GitLab |
| Build | Code compilation / image build | Maven, npm, Docker |
| Test | Unit, integration, security tests | JUnit, PyTest, Snyk |
| Deploy | Deploy to environment | ArgoCD, Jenkins, GitHub Actions |
| Monitor | Track metrics, errors | Prometheus, Grafana |
Pipeline Flow Example
3. Tools Used in CI/CD
| Category | Tools | Description |
|---|---|---|
| Version Control | GitHub, GitLab | Store code |
| CI Tools | Jenkins, GitHub Actions, GitLab CI, CircleCI | Automate testing/build |
| CD Tools | ArgoCD, Spinnaker, FluxCD | Automate deployment |
| Containerization | Docker | Package applications |
| Orchestration | Kubernetes | Manage container deployment |
| Monitoring | Prometheus, Grafana | Observe performance |
| Security | Snyk, Trivy | Vulnerability scanning |
4. Real Example: Complete CI/CD Pipeline
Let's build a hands-on flow for a microservice application using:
- GitHub Actions for CI
- Docker for packaging
- Kubernetes + ArgoCD for CD
- Prometheus + Grafana for monitoring
Step 1: Folder Structure
```
my-app/
├── app/
│   ├── main.py
│   └── requirements.txt
├── Dockerfile
├── k8s/
│   ├── deployment.yaml
│   └── service.yaml
└── .github/
    └── workflows/
        └── ci-cd.yml
```
Step 2: Dockerfile
```dockerfile
FROM python:3.11-slim
WORKDIR /app
COPY app/ /app
RUN pip install -r requirements.txt
CMD ["python", "main.py"]
```
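Step 3: Kubernetes Deployment
k8s/deployment.yaml
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
        - name: my-app
          # Mutable tag. The workflow in Step 4 pushes images tagged with the
          # commit SHA, so pin this to that tag (or an image digest) for
          # reproducible, traceable deploys.
          image: yuvaraj/my-app:latest
          ports:
            - containerPort: 5000
```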
Step 4: GitHub Actions CI/CD Workflow
.github/workflows/ci-cd.yml
```yaml
name: CI-CD Pipeline

on:
  push:
    branches:
      - main

jobs:
  build-test-deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Code
        uses: actions/checkout@v3
      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.11'  # quoted so YAML does not parse it as a float
      - name: Install Dependencies
        run: |
          pip install -r app/requirements.txt
      - name: Run Tests
        run: |
          pytest
      - name: Build Docker Image
        run: |
          docker build -t yuvaraj/my-app:${{ github.sha }} .
      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Push Image
        run: |
          docker push yuvaraj/my-app:${{ github.sha }}
      # This step needs cluster credentials on the runner. With the ArgoCD
      # Application from Step 5 in place, ArgoCD applies k8s/ itself.
      - name: Deploy to Kubernetes via ArgoCD
        run: |
          kubectl apply -f k8s/
```
Step 5: Continuous Deployment with ArgoCD
ArgoCD watches your GitHub repo. If it detects changes in k8s/deployment.yaml, it automatically syncs and deploys them to Kubernetes.
ArgoCD YAML (App Definition)
```yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: my-app
spec:
  project: default
  source:
    repoURL: 'https://github.com/yuvaraj/my-app'
    path: k8s
    targetRevision: main
  destination:
    server: 'https://kubernetes.default.svc'
    namespace: default
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
```
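The workflow in Step 4 references actions by version tag (`actions/checkout@v3`) and the manifest in Step 3 deploys `yuvaraj/my-app:latest`; git tags and image tags can both be repointed after the file was reviewed. The check below is an added example, not part of the original tutorial: the function names, the mutable-tag list and the extra sample lines (the SHA-pinned action, `redis`, the digest-pinned image) are constructed for illustration.

```python
import re

# `uses: owner/repo@ref` in a workflow, `image: name[:tag][@digest]` in a manifest
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)", re.M)
IMAGE_RE = re.compile(r"^\s*(?:-\s*)?image:\s*['\"]?([^'\"\s#]+)", re.M)
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")
MUTABLE_TAGS = {"latest", "main", "master", "stable"}  # assumed list, extend as needed

def unpinned_actions(workflow_text):
    """Return action references not pinned to a full 40-hex commit SHA."""
    findings = []
    for ref in USES_RE.findall(workflow_text):
        if ref.startswith("./"):
            continue  # local action: versioned with the repository itself
        version = ref.partition("@")[2]
        if not FULL_SHA_RE.fullmatch(version):
            findings.append(ref)
    return findings

def floating_images(manifest_text):
    """Return image references with no digest and either no tag or a mutable tag.
    A fixed tag (e.g. a commit SHA) is accepted, though only a digest is immutable."""
    findings = []
    for ref in IMAGE_RE.findall(manifest_text):
        if "@sha256:" in ref:
            continue  # digest-pinned: content-addressed
        name = ref.rsplit("/", 1)[-1]  # drop registry host:port and path
        _, sep, tag = name.partition(":")
        if not sep or tag in MUTABLE_TAGS:
            findings.append(ref)
    return findings

# Constructed samples: the page's own references plus placeholder pinned ones.
WORKFLOW = """
steps:
  - name: Checkout Code
    uses: actions/checkout@v3
  - uses: docker/login-action@v3
  - uses: example-org/example-action@0123456789abcdef0123456789abcdef01234567
"""
MANIFEST = """
containers:
  - image: yuvaraj/my-app:latest
  - image: redis
  - image: registry.example.com:5000/team/app@sha256:PLACEHOLDER_DIGEST
"""

if __name__ == "__main__":
    for ref in unpinned_actions(WORKFLOW):
        print(f"workflow: {ref} is not pinned to a commit SHA")
    for ref in floating_images(MANIFEST):
        print(f"manifest: {ref} can be repointed; pin a digest")
```

Run against the real `.github/workflows/ci-cd.yml` and `k8s/deployment.yaml` as a pre-merge check, failing the job when either list is non-empty.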
5. Best Practices for CI/CD
| Area | Best Practice |
|---|---|
| Branching | Use Git Flow (main, develop, feature/*) |
| Secrets | Use GitHub Secrets, AWS Secrets Manager |
| Testing | Automate unit + integration + security |
| Monitoring | Always include metrics and alerts |
| Rollback | Use ArgoCD or Helm for versioned deployments |
| Security | Scan Docker images with Trivy or Snyk |
| Performance | Cache dependencies (pip, npm, etc.) |
6. Advanced CI/CD Topics
| Feature | Description |
|---|---|
| Blue-Green Deployment | Run two environments (Blue = live, Green = new version). Switch after testing. |
| Canary Deployment | Gradually roll out new versions to small user groups. |
| Infrastructure as Code (IaC) | Use Terraform or Ansible to automate environment setup. |
| GitOps | Manage deployments declaratively via Git (ArgoCD, FluxCD). |
| Security Integration | Add tools like Snyk or Trivy to scan during CI. |
Example Workflow Summary
Developer commits code →
GitHub Actions builds and tests →
Docker image pushed →
ArgoCD deploys to K8s automatically →
Prometheus + Grafana monitor health →
Alerts sent on failures.