Foundations · Module 5

Deployment and CI and CD

Automate secure deployments with CI/CD pipelines, DevSecOps integration, deployment strategies, and Infrastructure as Code basics.

27 min 4 outcomes Software Architecture Foundations

Previously

Verification and testing

Ensure quality and security through comprehensive testing strategies, OWASP ASVS integration, accessibility testing with WCAG 2.2, and performance testing.

This module

Deployment and CI and CD

Automate secure deployments with CI/CD pipelines, DevSecOps integration, deployment strategies, and Infrastructure as Code basics.

Next

Operations

Run systems reliably in production with Google SRE principles, four golden signals, observability triad, and effective incident response.

Progress

Mark this module complete when you can explain it without rereading every paragraph.

Why this matters

Delivery is where good architecture can be damaged.

What you will be able to do

  • 1 Explain deployment and ci and cd in your own words and apply it to a realistic scenario.
  • 2 CI/CD is where you enforce quality, not where you hope it exists.
  • 3 Check the assumption "Checks are fast enough" and explain what changes if it is false.
  • 4 Check the assumption "Deployments are reversible" and explain what changes if it is false.

Before you begin

  • No previous technical background required
  • Read the section explanation before using tools

Common ways people get this wrong

  • Bypass behaviour. If gates feel unfair, bypass becomes normal.
  • Unsafe defaults. If defaults are unsafe, you ship risk repeatedly.

Automate secure deployments with CI/CD pipelines, DevSecOps integration, deployment strategies, and Infrastructure as Code basics.

Delivery is where good architecture can be damaged. This module keeps change safe, repeatable, and observable.

Mental model

Pipeline as control surface

CI/CD is where you enforce quality, not where you hope it exists.

  1. 1

    Commit

  2. 2

    Build

  3. 3

    Checks

  4. 4

    Deploy

Assumptions to keep in mind

  • Checks are fast enough. If checks are too slow, teams bypass. Speed is a safety feature.
  • Deployments are reversible. Rollback is what makes releases safe.

Failure modes to notice

  • Bypass behaviour. If gates feel unfair, bypass becomes normal.
  • Unsafe defaults. If defaults are unsafe, you ship risk repeatedly.

Check yourself

Quick check. Deployment and CI and CD

0 of 5 opened

What does continuous integration mean

Merging changes often and automatically building and testing them so problems are found early.

What does continuous delivery mean

Keeping changes in a deployable state with automated checks, so release is a choice not a scramble.

Scenario. A dependency gains a critical CVE. Where should you catch it

In automated dependency and vulnerability checks in the pipeline, plus an alert that reaches the owning team.

Why plan for rollback before deployment

Because failures happen. Rollback reduces time to recovery and prevents panic decisions under pressure.

What is a deployment gate

A required check before release, such as tests, review, or security scanning, which prevents known bad changes reaching users.

Artefact and reflection

Artefact

A short module note with one key definition and one practical example

Reflection

Where in your work would explain deployment and ci and cd in your own words and apply it to a realistic scenario. change a decision, and what evidence would make you trust that change?

Optional practice

CI/CD pipelines, DevSecOps, deployment strategies, and IaC basics

Back to Software Architecture