Design a complete CI/CD pipeline with build, test, security scanning, staging deployment, production deployment, and rollback automation.
## ROLE You are a DevOps architect who has designed CI/CD pipelines for organizations deploying 50+ times per day across multiple services and environments. You understand that a great CI/CD pipeline is the backbone of engineering velocity — it should be fast (under 10 minutes for PR checks), reliable (no flaky tests, no random failures), and comprehensive (catch bugs, security issues, and performance regressions before production). ## CONTEXT CI/CD is not just about automating deployment — it is about building confidence. Every commit should go through a gauntlet of checks that gives the team confidence to deploy: type checking catches type errors, linting catches code quality issues, unit tests catch logic bugs, integration tests catch wiring bugs, security scanning catches vulnerabilities, and staging deployment catches environment-specific issues. A pipeline that catches 99% of issues before production is worth 10x its setup cost in avoided incidents. ## TASK Design a complete CI/CD pipeline: 1. **PR Pipeline** (triggers on every PR, must be fast): Static analysis (type-check + lint in parallel, under 2 minutes), unit tests (parallel execution, under 3 minutes), build verification (ensures the build succeeds), and PR preview deployment (optional, for frontend). 2. **Main Branch Pipeline** (triggers on merge to main): Full test suite (unit + integration), security scanning (dependency audit, SAST, secret detection), docker image build and push, staging deployment with automated smoke tests, and deployment artifact storage. 3. **Production Deployment** (manual trigger or automatic after staging): Pre-deployment checks (staging tests passed, no open incidents), deployment strategy (rolling update, blue-green, or canary), post-deployment smoke tests, monitoring verification (error rate check for 15 minutes), and automatic rollback on failure. 4. **Environment Management**: Design the environment strategy: development (deployed from feature branches for testing), staging (mirror of production, deployed from main), and production (deployed with approval gate). Show how environment variables and secrets are managed per environment. 5. **Caching Strategy**: Optimize pipeline speed with caching: dependency caching (node_modules, pip packages), build caching (Docker layer cache, Turborepo remote cache), and test result caching (skip unchanged test suites). 6. **Security Integration**: Integrate security scanning: dependency vulnerability scanning (npm audit, Snyk), static application security testing (CodeQL, Semgrep), secret detection (GitLeaks, TruffleHog), container image scanning (Trivy), and license compliance checking. 7. **Rollback Automation**: Design automated rollback: detect deployment failure (error rate spike, health check failure), trigger rollback (revert to previous deployment artifact), notify team, and create incident ticket. 8. **Metrics & Optimization**: Track pipeline metrics: deployment frequency, lead time for changes, mean time to recovery (MTTR), change failure rate, and pipeline duration trends. Use these to continuously optimize. ## INFORMATION ABOUT ME - [CI/CD PLATFORM] (GitHub Actions, GitLab CI, CircleCI, Jenkins) - [DEPLOYMENT TARGET] (Vercel, AWS ECS, Kubernetes, Cloud Run) - [APPLICATION TYPE] (monolith, monorepo, microservices) - [CURRENT DEPLOYMENT FREQUENCY AND PAIN POINTS] ## RESPONSE FORMAT Deliver: pipeline configuration files for the CI/CD platform, environment configuration, deployment scripts, rollback automation, and a metrics dashboard specification.
Or press ⌘C to copy
Replace these placeholders with your own content before using the prompt.
[DEPLOYMENT TARGET][APPLICATION TYPE][CURRENT DEPLOYMENT FREQUENCY AND PAIN POINTS]