CI CD Pipelines Cheat Sheet

Updated 2026-04-28

CI/CD (Continuous Integration/Continuous Delivery/Deployment) pipelines automate the process of building, testing, and deploying code, enabling teams to release software faster and more reliably. A pipeline orchestrates a series of automated stages—from code commit through production deployment—ensuring consistent quality checks at every step. Pipelines transform software delivery from manual, error-prone releases into predictable, repeatable workflows that can execute hundreds of times per day. The key mental model: pipelines are declarative workflows that move code from source to production through automated quality gates, where each stage validates the change before it proceeds; in 2026, security scanning, supply chain integrity, and AI-assisted optimization have become first-class pipeline concerns alongside speed and reliability.

What This Cheat Sheet Covers

This topic spans 18 focused tables and 145 indexed concepts. Below is a complete table-by-table outline of this topic, spanning foundational concepts through advanced details.

Table 1: Core Pipeline StagesTable 2: Pipeline TriggersTable 3: Testing Types in PipelinesTable 4: Deployment StrategiesTable 5: Continuous Delivery vs Continuous DeploymentTable 6: Pipeline Optimization TechniquesTable 7: CI/CD Tools and PlatformsTable 8: Pipeline Configuration ApproachesTable 9: Pipeline Runners and AgentsTable 10: Environment and Secrets ManagementTable 11: Pipeline Approval and GovernanceTable 12: Pipeline Monitoring and ObservabilityTable 13: Pipeline Artifacts and VersioningTable 14: Advanced Pipeline PatternsTable 15: Rollback and Failure HandlingTable 16: Infrastructure as Code in PipelinesTable 17: Pipeline Security PracticesTable 18: Cost Optimization

Table 1: Core Pipeline Stages

Stage	Example	Description
Source	`on: push` `branches: [main]`	Foundation stage that triggers the pipeline when code is committed to version control, starting the automation workflow.
Build	`npm run build` `docker build -t app:${VERSION} .`	• Compiles source code into executable artifacts • performs dependency resolution, transpilation, or containerization.
Test	`npm test` `pytest tests/`	Executes automated tests (unit, integration, E2E) to validate code behavior and catch regressions early.
Security scan	`semgrep scan --config auto` `trivy image app:latest`	• Runs SAST, SCA, and container scans as a dedicated pipeline stage • shift-left approach catches vulnerabilities at the cheapest moment.

Table 1: Core Pipeline Stages

Stage	Example	Description
Source	`on: push` `branches: [main]`	Foundation stage that triggers the pipeline when code is committed to version control, starting the automation workflow.
Build	`npm run build` `docker build -t app:${VERSION} .`	• Compiles source code into executable artifacts • performs dependency resolution, transpilation, or containerization.
Test	`npm test` `pytest tests/`	Executes automated tests (unit, integration, E2E) to validate code behavior and catch regressions early.
Security scan	`semgrep scan --config auto` `trivy image app:latest`	• Runs SAST, SCA, and container scans as a dedicated pipeline stage • shift-left approach catches vulnerabilities at the cheapest moment.

CI/CD Pipelines Cheat Sheet

Table 1: Core Pipeline Stages

CI/CD Pipelines Cheat Sheet

Table 1: Core Pipeline Stages