What is continuous integration/continuous delivery (CI/CD)?

A vital characteristic of the CI/CD pipeline is the use of automation to help ensure code quality. As the software changes progress through the pipeline, automated tests identify dependencies and other issues earlier, push code changes to different environments and deliver applications to production environments.

Here, the role of automation is to perform quality control, assessing everything from performance to application programming interface (API) usage and security. This process helps ensure the changes made by all team members are integrated comprehensively and performed as intended.

The ability to automate various phases of the CI/CD pipeline helps development teams improve quality, work faster and improve other DevOps metrics.

While the CI/CD pipeline refers to agile DevOps workflows, CI/CD stands for the combined practices of continuous integration and continuous delivery.

CI/CD creates a faster, more precise way of combining the work of different people into 1 cohesive product. In DevOps environments, CI/CD streamlines application coding, testing and deployment processes. This gives teams a single repository for storing work and automation tools to combine and test the code to help ensure it works consistently.

The CI/CD pipeline allows DevOps teams to write code, integrate it, run tests, deliver releases and deploy changes to the software collaboratively and in real-time. While automation of software releases—from initial testing to the final deployment—is a significant benefit of the CI/CD pipeline, other benefits include: 

• Reduced deployment time
• Decreased costs
• Continuous feedback loops
• Early error detection
• Reduced downtime and enhanced reliability
• Improved team collaboration and system integration

• Reduced deployment time: Automated testing makes the development process more efficient, reducing the length of the software delivery process. In addition, continuous deployment and automated provisioning allow a developer's changes to a cloud application to go live within minutes of writing them.

• Decreased costs: Fast development, testing and production (facilitated by automation) means less time spent on development. This results in reduced costs compared to traditional software development.

• Continuous feedback loops: The CI/CD pipeline represents a continuous cycle: build, test, deploy. Feedback loops enable developers to quickly act and improve the code every time after that code is tested.

• Early error detection: In continuous integration, testing is automated for each version of code built to look for issues in integration. These issues are easier to fix the earlier they occur in the pipeline.

• Reduced downtime and enhanced reliability: In the event of deployment failures, bugs or performance issues, features such as automated rollbacks revert a software system or app to a previous stable state. This feature minimizes downtime and enhances service reliability.

• Improved team collaboration and system integration: Everyone on the team can change code, respond to feedback and quickly respond to any issues.

The CI/CD pipeline consists of 3 connected methodologies:

• Continuous integration
• Continuous delivery
• Continuous deployment

The CI/CD process begins with continuous integration (CI), where developers commit their code to central repositories managed by version control systems (VCSs). CI allows developers to work independently, creating their own coding "branch" to implement small changes.

As the developer works, they can take snapshots of the source code, typically within a versioning tool like Git. The developer is then free to work on new features; if a problem comes up, Git can quickly revert the codebase to its previous state.

The work of individuals is then pushed into an automated system that uses scripts to build and test the code changes. After the automated build stage, a CI server compiles the source code changes into the main branch code or "trunk" of the shared source code repository.

Instead of writing code independently and submitting it to the main code branch once a month, which can lead to taxing work fixing bugs and poor version control, the CI/CD development process lets teams submit code changes more frequently. This continuous testing offers faster bug fixes, helps ensure functionality and, ultimately, results in better collaboration and software quality.

The next step in the pipeline is continuous delivery (CD), which puts the validated code changes made in continuous integration into select environments or code repositories, such as GitHub. Here, the operations team can deploy them to a live production environment.

The software and APIs are tested, and errors are resolved through an automated process. In the final step of the CD process, the DevOps team receives a notification about the latest build, and they manually send it to the deployment stage.

The goal of the continuous delivery pipeline stage is to deploy new code with minimal effort, but still allow a level of human oversight.

The CD in the CI/CD process also stands for continuous deployment. Continuous deployment automatically releases code changes to end-users after passing a series of predefined tests, such as integration tests that test code in a copycat environment to help ensure code integrity.

Both continuous delivery and continuous deployment deal with automating further down the pipeline than CI and are often used interchangeably.

The difference between continuous delivery and continuous deployment is in the level of automation used in software or app releases. In continuous delivery, code automatically moves to production-like environments for further testing and quality assurance, such as assessing risks and identifying source-code vulnerabilities. Human intervention is required to move into production following successful tests.

In continuous deployment, automation goes further. Once the code passes testing, the deployment to production happens automatically—human approval is unnecessary.

How an organization applies the CI/CD pipeline and decides whether to use continuous delivery or deployment depends on its business needs. Continuous deployment is best for DevOps teams with a fast development lifecycle, such as those building e-commerce sites and software as a service (SaaS) platforms.

Continuous deployment supports the software release process by allowing teams to release new or updated software often and as quickly as possible. Because changes are deployed to the public automatically, this type of continuous deployment pipeline is typically used only by DevOps teams who have a proven process.

For teams that might not need to release updates as frequently in their workflow—such as for those building healthcare applications—continuous delivery is typically the preferred option. It is slower but offers another layer of oversight to help ensure functionality for the end-users.

For a closer look at the difference between continuous delivery and continuous deployment, check out this video.

A machine learning pipeline is a series of interconnected data processing and modeling steps designed to automate, standardize and streamline the process of building, training, evaluating and deploying machine learning models.

Machine learning pipelines are an essential component in the development and production of machine learning (ML) systems. Moreover, they have become increasingly important due to the growth of big data and artificial intelligence (AI).

According to Kings Research, the global machine learning market size was valued at USD 26.06 billion in 2023 and is projected to grow from USD 35.44 billion in 2024 to USD 328.89 billion by 2031, exhibiting a CAGR of 37.47% during the forecast period.¹

Machine learning pipelines integrate with DevOps practices to enable CI/CD of machine learning models. This integration is referred to as machine learning operations (MLOps), which helps data science teams effectively manage the complexity of managing ML orchestration.

From source code to production, these stages comprise the development lifecycle and workflow of the CI/CD pipeline:

• Build
• Test
• Deliver
• Deploy

This stage is part of the continuous integration process and involves creating and compiling code. Teams build off of source code collaboratively and integrate new code while quickly determining any issues or conflicts.

At this stage, teams test the code. Automated tests happen in both continuous delivery and deployment. These testing environments might include integration tests, unit tests and regression tests.

Here, an approved codebase is sent to a production environment. This stage is automated in continuous deployment and is only automated in continuous delivery after developer approval.

Lastly, the changes are deployed, and the final product is moved into production. In continuous delivery, products or code are sent to repositories and moved into production or deployment by human approval. In continuous deployment, this step is automated.

When selecting CI/CD tools, the focus should be on optimizing and automating the software development process. An effective CI/CD pipeline uses open source tools for integration, testing and deployment. Correct configuration of your CI/CD process also impacts the success of the software development pipeline.

The most common open source CI/CD tool is Jenkins. Jenkins is an automated CI server written in Java that is used to automate CI/CD steps and reporting. Other open source tools for integration include Travis CI and CircleCI.

In addition to open source tools, all major cloud service providers—Google Cloud, IBM Cloud®, Microsoft Azure and Amazon Web Services (AWS)—offer cloud-based CI/CD toolchains, pipelines and tool integrations.

Integrated development environments (IDE), such as GitHub or AWS CodeCommit, help developers create, maintain and track software packages. At the same time, platforms such as GitLab seek to provide the IDE within a comprehensive platform that includes other tools.

When operating in a cloud environment, cloud-native DevOps teams use containers such as Docker for packaging and shipping applications, and they use container orchestration tools such as Kubernetes. While Kubernetes isn't strictly for the CI/CD pipeline, it is used in many CI/CD workflows.

CI/CD security focuses on practices, processes and technologies that implement and manage security and compliance measures across the CI/CD pipeline.

In the past, security was "tacked on" to software at the end of the development cycle. The advancement of cloud platforms, microservices and containers created a bottleneck to the traditional development approach. Security might not keep up with the rapid releases as developers adopted agile and DevOps practices, spurring the evolution of DevSecOps, which stands for development, security and operations. DevSecOps automates integrating security tools practices as they emerge within continuous integration (CI) and continuous delivery (CD) pipelines.

DevSecOps practices included shift-left and shift-right testing. Shift-left testing involves integrating security testing and other critical development practices earlier in the software development lifecycle (SDLC). Shift-right testing involves testing later in development, usually in production environments. These methods complement each other by spreading testing responsibility across the SDLC.