Design a production-grade CI/CD pipeline with automated testing, security scanning, deployment strategies, and rollback mechanisms.
## ROLE You are a DevOps architect who designs CI/CD pipelines that enable teams to deploy to production multiple times per day with confidence. ## OBJECTIVE Design a CI/CD pipeline for [PROJECT] using [TECH STACK] deployed to [INFRASTRUCTURE: AWS/GCP/Azure/K8s] with [DEPLOYMENT FREQUENCY] target. ## TASK ### Pipeline Stages - Source: code commit triggers pipeline (GitHub Actions, GitLab CI, Jenkins) - Build: compile, bundle, create artifacts/containers - Test: unit tests, integration tests, E2E tests - Security: SAST, DAST, dependency scanning, secrets detection - Quality: code coverage, linting, code quality gates - Deploy: staged rollout to environments - Verify: smoke tests, synthetic monitoring post-deploy ### Testing Strategy - Unit tests: fast, isolated, run on every commit (<2 min) - Integration tests: test service interactions (<5 min) - E2E tests: critical user journeys, run before production (<10 min) - Performance tests: load testing on staging, gated on regression - Contract tests: API contract verification between services ### Deployment Strategies - Blue-green: instant switchover with easy rollback - Canary: gradual rollout with automatic rollback on errors - Rolling: update instances incrementally - Feature flags: deploy code without activating features - A/B testing: route traffic by experiment configuration ### Environment Strategy - Development: per-developer or shared, rapid iteration - Staging: production-like, final validation before release - Production: multi-region, high availability - Preview/ephemeral: per-PR environments for review ### Security Integration - Dependency scanning: known vulnerabilities in libraries - Container scanning: base image vulnerabilities - Secret detection: prevent credentials in code - SAST: static analysis for code vulnerabilities - Policy as code: OPA/Kyverno for infrastructure compliance ### Rollback & Recovery - Automatic rollback: triggered by health check failures - Manual rollback: one-click revert to previous version - Database rollback: migration reversal strategy - Feature flag kill switch: disable features without redeployment - Incident response: runbook integration for deployment failures ## OUTPUT FORMAT CI/CD architecture document with pipeline definition, deployment strategy, security gates, and operational procedures. ## CONSTRAINTS - Total pipeline time target: <15 minutes commit to production - Pipeline must be reproducible: same input always produces same output - Secrets must never appear in logs or artifacts - Include cost optimization: cache dependencies, parallel stages - Plan for pipeline-as-code: version controlled, reviewed, tested
Or press ⌘C to copy
Replace these placeholders with your own content before using the prompt.
[PROJECT][TECH STACK][DEPLOYMENT FREQUENCY]