← Volver al Material

πŸ”„ DevOps & CI/CD

Continuous Integration, Deployment & modern development practices

🎯 Warm-up Discussion

Let's explore what you already know about DevOps:

  • What do you know about DevOps? What have you heard about it?
  • Have you worked with CI/CD pipelines or deployment automation? Tell me about your experience.
  • What DevOps tools have you used or heard about (Docker, Jenkins, GitHub Actions, etc.)?
  • Tell me about your experience with deployments - how do you usually deploy applications?
  • What challenges have you faced (or heard about) with testing, deployment, or infrastructure?

🎧 Listening: CI/CD in Action

Goal: Watch the video to spot the key stages in a modern CI/CD pipeline and the distinction between continuous delivery and continuous deployment.

Video: CI/CD Pipeline Explained (Fireship)

Check Your Understanding

Select the correct answer for each question based on the video.

1. What event triggers the pipeline in the example from the video?
A) A nightly cron job on the production server
B) A developer pushes code to the shared repository
C) The product owner writes a new user story
2. After running tests and linting, what does the pipeline do in the integration stage?
A) Promotes the build straight to production with no safeguards
B) Emails the team asking for manual approval
C) Packages the app as a container image and stores it in a registry
3. According to the video, what separates continuous delivery from continuous deployment?
A) Delivery automates deployments while deployment keeps a human gate
B) Delivery keeps a manual approval before production, deployment releases automatically
C) There is no real difference; the terms are identical
4. Why does the video emphasize shipping small, frequent changes?
A) It reduces risk, simplifies rollbacks, and keeps the flow fast
B) It removes the need for continuous monitoring
C) It lets teams skip automated tests without issues

πŸ“– Reading: The DevOps Revolution

Beyond the basics: mature DevOps organizations treat CI/CD as a socio-technical supply chain. Build stages are codified as declarative graphs, often orchestrated by event-driven runners that hydrate ephemeral environments on demand. Each node in the graph emits signed provenance (SLSA, in-toto) so downstream gates can attest to artifact integrity before a release ever touches a cluster.

Modern CI is less about β€œrun the unit tests” and more about continuously converging divergent branches of reality. Advanced teams run mutation testing, contract verification, static analysis with policy-as-code, and automated SBOM diffing inside every merge. GitOps controllers reconcile the desired state back into Kubernetes or ECS, and drift detection loops flag any mutation that bypassed the pipeline.

Continuous delivery has evolved into progressive delivery. Instead of a single binary push, deployments fan out through layered strategies: automated staging promotion, canary cohorts weighted by real user metrics, synthetic checks hitting dark traffic mirrors, and automated rollback conditioned on SLO burn-rate alerts. Feature flags act as circuit breakers, allowing teams to decouple code shipping from capability exposure.

Operations practices have kept pace. Service-level objectives pair with error budgets negotiated between SRE and product owners; observability pipelines ingest high-cardinality telemetry, route it through anomaly detection, and feed results back into the pipeline as quality signals. DORA metrics are no longer vanity numbersβ€”they are correlated with business KPIs to drive continuous improvement experiments.

  • Core insight: the pipeline is treated as a product. Teams version their workflow definitions, run A/B tests on deployment strategies, and publish change logs for their delivery platform.
  • Security posture: supply-chain security scanners, secrets detection, and policy engines (OPA, Conftest) stop compromised dependencies before promotion.
  • Developer experience: on-demand preview environments, seeded with production-like data via masked snapshots, give reviewers deterministic feedback within minutes.

This level of rigor turns CI/CD into a competitive moat. Organizations that operate at this altitude typically see double-digit improvements in lead time and reliability, while maintaining the ability to ship multiple times per dayβ€”without sacrificing governance or compliance.

πŸ“ Post-Reading Vocabulary Challenge

Instructions: Type the exact technical term from the reading that best completes each statement. Use lowercase; spelling matters.

1. We generate signed ____ metadata (SLSA, in-toto) so downstream gates can verify the lineage of every artifact.
2. Our release process uses ____ delivery, layering staged promotions, canary cohorts, and automated rollbacks.
3. Drift gets caught when ____ controllers reconcile declared state back into the cluster.
4. Error budgets paired with ____ objectives let SREs negotiate release velocity with product.

🧠 Vocabulary Exercise: Match the Concept

Match each DevOps term (1-8) with the definition (A-H) that best fits it:

1
Pipeline
2
Infrastructure as Code
3
Containerization
4
Continuous Integration
5
Deployment Automation
6
Monitoring
7
Rollback
8
Blue-green Deployment

πŸ’¬ Speaking Section: DevOps & CI/CD

Discussion cards for meaningful conversation

Have you set up a CI/CD pipeline?

πŸ’‘ Discussion tips:

  • Share your experience: tools used, challenges faced
  • Use vocabulary: continuous integration, deployment, automated testing
  • Discuss benefits: faster releases, fewer bugs
GitHub Actions, Jenkins, or GitLab CI: which do you prefer?

πŸ’‘ Discussion tips:

  • Compare features, ease of use, integration
  • Apply vocabulary: pipeline, workflow, runner, artifacts
  • Share specific use cases where each excels
What's the biggest DevOps challenge you've faced?

πŸ’‘ Discussion tips:

  • Discuss cultural resistance, tooling complexity, monitoring
  • Use vocabulary: infrastructure as code, containerization, orchestration
  • Share how you overcame the challenge
How often should you deploy to production?

πŸ’‘ Discussion tips:

  • Debate continuous deployment vs scheduled releases
  • Apply vocabulary: rollback, blue-green deployment, canary releases
  • Discuss risk mitigation strategies
Docker or Kubernetes: do you need both?

πŸ’‘ Discussion tips:

  • Explain containerization vs orchestration
  • Use vocabulary: container, pod, cluster, scaling
  • Share when Kubernetes might be overkill
How do you handle failed deployments?

πŸ’‘ Discussion tips:

  • Discuss rollback strategies, incident response, post-mortems
  • Apply vocabulary: hotfix, rollback, monitoring, alerts
  • Share war stories and lessons learned
What metrics matter most in DevOps?

πŸ’‘ Discussion tips:

  • Reference DORA metrics: deployment frequency, lead time, MTTR
  • Use vocabulary: observability, logging, tracing, metrics
  • Discuss how to measure team performance
Is Infrastructure as Code worth the investment?

πŸ’‘ Discussion tips:

  • Apply vocabulary: Terraform, Ansible, CloudFormation, provisioning
  • Compare benefits vs learning curve
  • Share experiences with configuration drift
How do you balance speed and stability in releases?

πŸ’‘ Discussion tips:

  • Discuss automated testing, staging environments, feature flags
  • Use vocabulary: regression testing, smoke tests, integration tests
  • Talk about risk tolerance and business requirements
Will AI automate DevOps jobs?

πŸ’‘ Discussion tips:

  • Discuss AI for monitoring, incident detection, auto-remediation
  • Use future tense: "AI will handle...", "DevOps will evolve to..."
  • Debate which tasks can/can't be automated

🎯 Conversation Starters:

  • "The CI/CD pipeline I'm most proud of is..."
  • "When a deployment failed in production..."
  • "I think the future of DevOps involves..."
  • "The best DevOps practice I've adopted is..."

πŸ’‘ Remember to use DevOps vocabulary: CI/CD, pipeline, deployment, containerization, orchestration, infrastructure as code, monitoring!