TechTrailCamp
← Back to Blog
DevOps

CI/CD Pipeline Design Patterns: From Code to Production

TechTrailCamp·Feb 10, 2026·14 min read
CI/CD PIPELINE STAGES Source Git Push GitHub / CodeCommit Build Compile + Docker CodeBuild / GH Actions Test Unit + Integration + Contract + Security Staging Deploy + E2E Tests Smoke + Performance Production Blue-Green / Canary CodeDeploy / ArgoCD Deployment Strategies Rolling Update Replace instances gradually, one at a time Blue-Green Two identical environments, instant switch Canary Route small % of traffic to new version first Every commit should be deployable. The pipeline decides if it actually gets deployed.

A well-designed CI/CD pipeline is the backbone of modern software delivery. It transforms a code commit into a production deployment through a series of automated stages — building, testing, and deploying — with confidence that each release is safe and reliable.

Yet many teams have pipelines that are slow, flaky, or provide false confidence. This guide covers the patterns, stages, and deployment strategies that separate production-grade pipelines from "it works on my machine" automation.

The Pipeline Stages

Stage 1: Source

Every pipeline starts with a trigger — typically a git push or pull request. The source stage fetches the latest code and passes it to the build stage.

  • Trigger on push to main — for trunk-based development with continuous deployment
  • Trigger on PR — run build + test before merging, deploy after merge
  • Trigger on tag — for release-based workflows where you tag versions explicitly

Stage 2: Build

Compile code, resolve dependencies, and create deployable artifacts. For containerized applications, this means building a Docker image and pushing it to a registry (ECR). 

# Build stage example (GitHub Actions)
build:
  runs-on: ubuntu-latest
  steps:
    - uses: actions/checkout@v4
    - name: Build Docker image
      run: docker build -t my-app:${{ github.sha }} .
    - name: Push to ECR
      run: |
        aws ecr get-login-password | docker login --username AWS --password-stdin $ECR_REPO
        docker push $ECR_REPO:${{ github.sha }}

Stage 3: Test

The most critical stage. Run multiple test layers in parallel where possible:

  • Unit tests — fast, run on every commit (~2-5 minutes)
  • Integration tests — with real databases using Testcontainers (~5-10 minutes)
  • Contract tests — verify API compatibility between services (~2-3 minutes)
  • Security scans — SAST (static analysis), dependency vulnerability scanning (~3-5 minutes)
  • Linting + formatting — enforce code standards (~1 minute)
Parallel Test Execution Build ~3 min Unit Tests (~2 min) Integration Tests (~8 min) Contract Tests (~3 min) Security Scan (~4 min) All Pass? Quality Gate Deploy to Staging/Prod Total: ~11 min (parallel) vs ~17 min (sequential). Run tests in parallel to keep pipelines fast.
Running tests in parallel significantly reduces pipeline duration

Stage 4: Staging

Deploy to a production-like environment and run end-to-end tests, smoke tests, and performance tests. This is your final quality gate before production.

Stage 5: Production Deployment

The moment of truth. How you deploy to production determines your risk profile and rollback speed.

Deployment Strategies

1. Rolling Update

Replace instances one at a time. At any point during deployment, some instances run the old version and some run the new version. This is the default for ECS and Kubernetes.

  • Pros — zero downtime, no extra infrastructure cost
  • Cons — two versions running simultaneously (must be backward compatible), slow rollback
  • Best for — stateless services with backward-compatible changes

2. Blue-Green Deployment

Maintain two identical environments: Blue (current) and Green (new). Deploy to Green, run health checks, then switch the load balancer to point to Green. If anything goes wrong, switch back to Blue instantly.

Blue-Green Deployment Load Balancer (ALB) Blue (v1.2 - Current) Serving 100% traffic 3x ECS tasks running Green (v1.3 - New) Deployed, health checked 3x ECS tasks ready switch → Instant rollback: just switch the load balancer back to Blue
Blue-green deployment provides instant rollback by switching between two identical environments
  • Pros — instant rollback, zero-downtime, no mixed versions
  • Cons — double the infrastructure cost during deployment, database migrations must be backward compatible
  • Best for — critical services where fast rollback is essential

3. Canary Deployment

Route a small percentage of traffic (e.g., 5%) to the new version. Monitor error rates and latency. If metrics look good, gradually increase traffic. If not, route all traffic back to the old version.

  • Pros — minimal blast radius, real user validation, data-driven rollout
  • Cons — complex routing setup, need robust monitoring, slower rollout
  • Best for — high-traffic services where you want real-world validation before full rollout

AWS CI/CD Tooling

  • AWS CodePipeline — orchestrates the pipeline stages. Integrates with CodeBuild, CodeDeploy, and third-party tools.
  • AWS CodeBuild — managed build service. Define build steps in a buildspec.yml. Scales automatically.
  • AWS CodeDeploy — manages deployments to EC2, ECS, and Lambda with blue-green and canary strategies.
  • GitHub Actions — popular CI/CD directly in GitHub. Excellent marketplace of reusable actions. Often preferred over CodePipeline for simplicity.
  • ArgoCD — GitOps-based continuous delivery for Kubernetes. Watches a Git repo and syncs the cluster state automatically.

Pipeline Design Principles

1. Fast Feedback

The pipeline should give developers feedback within 10-15 minutes. If it takes 45 minutes, developers will batch changes and avoid running it. Run fast tests first, slow tests later.

2. Everything as Code

Pipeline definitions, infrastructure, deployment configs — everything lives in the repository. No manual configuration in CI/CD tools. Use buildspec.yml, Dockerfile, taskdef.json, and Terraform/CDK for infrastructure.

3. Immutable Artifacts

Build once, deploy everywhere. The same Docker image that passed tests in CI is deployed to staging and then to production. Never rebuild for different environments — only change configuration.

4. Gate, Don't Block

Use quality gates (test pass rates, code coverage thresholds, security scan results) to automatically decide whether to proceed. Manual approval gates should be rare — only for critical production deployments.

5. Rollback by Default

Every deployment should have an automatic rollback mechanism. If health checks fail after deployment, the system should roll back without human intervention. AWS CodeDeploy supports this natively.

Common Anti-Patterns

  • Pipeline that only runs on merge — run the full pipeline on PRs so failures are caught before merging, not after.
  • Flaky tests in the pipeline — a test that fails randomly erodes trust in the pipeline. Fix or remove flaky tests immediately.
  • Manual deployment steps — "SSH into the server and restart" is not CI/CD. Automate everything.
  • Environment drift — staging must mirror production. Use IaC (Terraform/CDK) to ensure environments are identical.
  • No rollback plan — if you can't roll back in under 5 minutes, your deployment process is incomplete.
The goal of CI/CD is not just automation — it's confidence. Confidence that every commit is safe to deploy, that failures are caught before users see them, and that rollback is always one click away.

Measuring Pipeline Health

Track these metrics to ensure your pipeline is serving the team well:

  1. Lead time for changes — from commit to production. Target: under 1 hour.
  2. Deployment frequency — how often you deploy. Elite teams deploy multiple times per day.
  3. Change failure rate — percentage of deployments that cause issues. Target: under 15%.
  4. Mean time to recovery (MTTR) — how quickly you roll back or fix. Target: under 1 hour.
  5. Pipeline duration — total time from trigger to deployment. Target: under 15 minutes.
  6. Test pass rate — percentage of pipeline runs that pass all tests. Below 95% indicates flaky tests.

Conclusion

A well-designed CI/CD pipeline is the difference between "we deploy once a month and it's terrifying" and "we deploy 10 times a day with confidence." Start with a simple pipeline (build, test, deploy), add quality gates, choose the right deployment strategy for your risk profile, and measure everything.

At TechTrailCamp, CI/CD pipeline design is a core skill in our DevOps and AWS tracks. You'll build production-grade pipelines with GitHub Actions, CodePipeline, and ArgoCD through hands-on, 1:1 mentoring.

Want to build production-grade CI/CD pipelines?

Join TechTrailCamp's 1:1 training and master deployment automation on AWS.

Start Your Learning Journey