What Is a CI/CD Pipeline?
A CI/CD pipeline is an automated sequence of steps that takes your code from a developer's commit all the way to a running production environment. Each stage acts as a gate — catching problems early, enforcing quality, and reducing the risk of shipping broken software.
Understanding what happens at each stage is the foundation of building a pipeline that your team can actually trust.
The Core Stages of a Modern Pipeline
1. Source Stage (Trigger)
Every pipeline starts with a trigger. This is typically a push to a branch, a pull request, or a scheduled run. The source stage checks out the correct commit and makes the code available to subsequent steps.
- Common triggers: Git push, PR open/update, tag creation, scheduled cron
- Best practice: Run lightweight checks (linting, formatting) on every push; run full pipelines on merge to main
2. Build Stage
The build stage compiles or packages your application. For compiled languages like Go or Java, this means producing a binary. For interpreted languages, it may mean bundling assets or building a Docker image.
- Fail fast: a broken build should stop the pipeline immediately
- Cache dependencies to keep build times under control
- Tag artifacts with the commit SHA for traceability
3. Test Stage
This is where quality is enforced. A well-structured test stage runs multiple layers:
- Unit tests — fast, isolated, run on every commit
- Integration tests — test component interactions with real dependencies
- End-to-end tests — simulate full user flows in a staging environment
- Security scanning — SAST tools check for vulnerable patterns in code
Aim to parallelize test suites wherever possible. Long test stages are the #1 reason developers bypass pipelines.
4. Artifact Publishing
Once tests pass, the build artifact is published to a registry — a Docker image to a container registry, a package to an artifact store, or a binary to object storage. This ensures that exactly what was tested is what gets deployed.
5. Deployment Stage
The deployment stage pushes the artifact to target environments. A progressive approach looks like this:
| Environment | Audience | Trigger |
|---|---|---|
| Development | Engineers | Every commit to main |
| Staging | QA / internal teams | Every merge to main |
| Production | End users | Manual approval or auto on green |
6. Post-Deployment Verification
Deployment isn't the finish line. A mature pipeline runs smoke tests and health checks immediately after deployment, and monitors key metrics (error rates, latency) for a defined observation window before closing the loop.
Common Pipeline Anti-Patterns to Avoid
- Snowflake pipelines: pipelines that only work on one machine or for one team
- No caching: reinstalling all dependencies from scratch on every run
- Skipping tests on hotfixes: the times you most need tests are when you're in a rush
- Monolithic stages: one giant stage that does everything, making failures hard to diagnose
Key Takeaways
A well-designed CI/CD pipeline is your team's primary quality enforcement mechanism. Keep stages clearly separated, fail fast, parallelize where possible, and treat your pipeline code with the same care as your application code. Version control your pipeline definitions, review changes to them, and monitor their performance over time.