Cicd

← Back to all decks

65 cards — 🟢 10 easy | 🟡 27 medium | 🔴 13 hard

🟢 Easy (10)

1. What is CI/CD and why is it important in DevOps?

Show answer

Automation of the building, testing, and deployment of apps.

Name origin: CI = Continuous Integration (merge + test frequently). CD = Continuous Delivery (automated release pipeline) or Continuous Deployment (auto-deploy to prod).

Fun fact: CI was popularized by Martin Fowler and Kent Beck in early 2000s Extreme Programming (XP).

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

2. What is a "build server"?

Show answer

A machine that compiles projects, runs tests, and deploys apps.

Remember: a good CI/CD pipeline is fast (<10 min), reliable (no flaky tests), and informative (clear failure messages). Slow pipelines kill developer productivity.

Gotcha: flaky tests erode trust in CI. Fix or quarantine them immediately. A pipeline that cries wolf is a pipeline that gets ignored.

3. What is a Workflow in GitHub Actions?

Show answer

A YAML file that defines the automation actions and instructions to execute upon a specific event.
The file is placed in the repository itself.

A Workflow can be anything - running tests, compiling code, building packages, ...

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

4. What is a Runner in GitHub Actions?

Show answer

A workflow has to be executed somewhere. The environment where the workflow is executed is called Runner.
A Runner can be an on-premise host or GitHub hoste

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

5. What is an "artifact"?

Show answer

A file (e.g., binary or library) produced by the build process.

Example: compiled binaries, JAR/WAR files, Docker images, npm packages, Helm charts, test reports, and coverage files are all artifacts.

Remember: artifacts = build outputs (JARs, Docker images, binaries). Store in registries (Artifactory, ECR, Docker Hub). Version everything.

Gotcha: artifacts should be immutable — never rebuild for production. Build once, promote the same artifact through staging to production.

Remember: artifacts = build outputs (JARs, Docker images, binaries). Store in registries (Artifactory, ECR, Docker Hub). Version everything.

6. What is a "Jenkinsfile"?

Show answer

A script defining the pipeline steps for a Jenkins job.

Remember: a good CI/CD pipeline is fast (<10 min), reliable (no flaky tests), and informative (clear failure messages). Slow pipelines kill developer productivity.

Gotcha: flaky tests erode trust in CI. Fix or quarantine them immediately. A pipeline that cries wolf is a pipeline that gets ignored.

7. What is a Job in GitHub Actions?

Show answer

A job is a series of steps which are executed on the same runner/environment.
A workflow must include at least one job.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

8. What is a "canary release"?

Show answer

Rolling out a new version to a small subset of users first.

Remember: canary = deploy to a small percentage of traffic first (1-5%), monitor, then gradually increase. Named after coal mine canaries that detect gas first.

9. What is a "rolling deployment"?

Show answer

Gradually replacing old versions with new ones to avoid downtime.

Remember: a good CI/CD pipeline is fast (<10 min), reliable (no flaky tests), and informative (clear failure messages). Slow pipelines kill developer productivity.

Gotcha: flaky tests erode trust in CI. Fix or quarantine them immediately. A pipeline that cries wolf is a pipeline that gets ignored.

10. What is MTTR (Mean Time To Recovery) and why does it matter for reliability?

Show answer

Mean Time To Recovery, a metric for system reliability.

Remember: a good CI/CD pipeline is fast (<10 min), reliable (no flaky tests), and informative (clear failure messages). Slow pipelines kill developer productivity.

Gotcha: flaky tests erode trust in CI. Fix or quarantine them immediately. A pipeline that cries wolf is a pipeline that gets ignored.

🟡 Medium (27)

1. What is an Action in GitHub Actions?

Show answer

An action is the smallest unit in a workflow. It includes the commands to execute as part of the job.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

2. How do you perform plan capacity for your CI/CD resources? (e.g. servers, storage, etc.)

Show answer

Capacity planning for CI/CD resources involves estimating the resources required to support the CI/CD pipeline and ensuring that the infrastructure has enough capacity to meet the demands of the pipeline. Here are some steps to perform capacity planning for CI/CD resources:

1. Analyze workload
2. Monitor current usage
3. Identify resource bottlenecks
4. Forecast future demand
5. Plan for growth
6. Consider scalability and elasticity
7. Evaluate cost and budget
8.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

3. What are the advantages of Jenkins over its competitors? Can you compare it to one of the following systems?

Show answer

Jenkins has several advantages over its competitors, including Travis, Bamboo, TeamCity, and CircleCI. Here are some of the key advantages:

1. Open-source and free
2. Customizable and flexible
3. Wide range of integrations and Plugins
4. Active and supportive community

When comparing Jenkins to its competitors, there are some key differences in terms of features and capabilities. For example:

- Travis: Travis is a cloud-based CI/CD platform that is known for its ease of use and fast setup.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

4. How did you report build results to users? What ways are there to report the results?

Show answer

You can report via:
* Emails
* Messaging apps
* Dashboards

Each has its own disadvantages and advantages. Emails for example, if sent too often, can be eventually disregarded or ignored.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

5. How to add a Workflow to a repository?

Show answer

CLI:

1. Create the directory `.github/workflows` in the repository
2. Add a YAML file

UI:

1. In the repository page, click on "Actions"
2. Choose workflow and click on "Set up this workflow"

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

6. What is the difference between Continuous Integration, Continuous Delivery, and Continuous Deployment?

Show answer

These are three related but distinct practices in modern software development:

Continuous Integration (CI):
- Developers frequently merge code to shared repository
- Each merge triggers automated build and tests
- Catches integration issues early
- Goal: Always have working, tested code in main branch

Continuous Delivery (CD):
- Extends CI: code is always in deployable state
- Automated pipeline builds, tests, and prepares releases
- Deployment to production requires MANUAL approval
- Goal: Can deploy any version at any time with one click

Continuous Deployment:\

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

7. What is the different between a scripted pipeline to declarative pipeline? Which type are you using?

Show answer

Jenkins supports two types of pipelines: Scripted pipelines and Declarative pipelines.

Scripted pipelines use Groovy syntax and provide a high degree of flexibility and control over the build process. Scripted pipelines allow developers to write custom code to handle complex scenarios, but can be complex and hard to maintain.

Declarative pipelines are a newer feature and provide a simpler way to define pipelines using a structured Groovy DSL.

Remember: typical pipeline stages: Source -> Build -> Test -> Deploy. Mnemonic: 'Source Builds Tests Deployed.'

8. In GitHub Actions workflow, what the 'on' attribute/directive is used for?

Show answer

Specify upon which events the workflow will be triggered.
For example, you might configure the workflow to trigger every time a changed is pushed to the repository.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

9. Where do you store CI/CD pipelines? Why?

Show answer

There are multiple approaches as to where to store the CI/CD pipeline definitions:

1. App Repository - store them in the same repository of the application they are building or testing (perhaps the most popular one)
2. Central Repository - store all organization's/project's CI/CD pipelines in one separate repository (perhaps the best approach when multiple teams test the same set of projects and they end up having many pipelines)
3.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

10. What is difference between Continuous Delivery and Continuous Deployment?

Show answer

Both encapsulate the same process of deploying the changes which were compiled and/or tested in the CI pipelines.
The difference between the two is that Continuous Delivery isn't fully automated process as opposed to Continuous Deployment where every change that is tested in the process is eventually deployed to production. In continuous delivery someone is either approving the deployment process or the deployment process is based on constraints and conditions (like time constraint of deploying every week/month/...)

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

11. What are some of Jenkins limitations?

Show answer

* Testing cross-dependencies (changes from multiple projects together)
* Starting builds from any stage (although Cloudbees implemented something called checkpoints)

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

12. In Zuul, What are the check pipelines?

Show answer

`check` pipeline are triggered when a patch is uploaded to a code review system (e.g. Gerrit).

Remember: typical pipeline stages: Source -> Build -> Test -> Deploy. Mnemonic: 'Source Builds Tests Deployed.'

13. In Zuul, What are the gate pipelines?

Show answer

`gate` pipeline are triggered when a code reviewer approves the change in a code review system (e.g. Gerrit)

Remember: typical pipeline stages: Source -> Build -> Test -> Deploy. Mnemonic: 'Source Builds Tests Deployed.'

14. What is Jenkins? What have you used it for?

Show answer

Jenkins is an open source automation tool written in Java with plugins built for Continuous Integration purpose. Jenkins is used to build and test your software projects continuously making it easier for developers to integrate changes to the project, and making it easier for users to obtain a fresh build. It also allows you to continuously deliver your software by integrating with a large number of testing and deployment technologies.

Jenkins integrates development life-cycle processes of all kinds, including build, document, test, package, stage, deploy, static analysis and much more.

15. You are given a pipeline and a pool with 3 workers: virtual machine, baremetal and a container. How will you decide on which one of them to run the pipeline?

Show answer

The decision on which type of worker (virtual machine, bare-metal, or container) to use for running a pipeline would depend on several factors, including the nature of the pipeline, the requirements of the software being built, the available resources, and the specific goals and constraints of the development and deployment process. Here are some considerations that can help in making the decision:

1. Pipeline requirements
2. Resource availability
3. Scalability and flexibility
4. Deployment and isolation requirements
5. Security considerations
6.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

16. What plugins have you used in Jenkins?

Show answer

Jenkins has a vast library of plugins, and the most commonly used plugins depend on the specific needs and requirements of each organization. However, here are some of the most popular and widely used plugins in Jenkins:

Pipeline: This plugin allows users to create and manage complex, multi-stage pipelines using a simple and easy-to-use scripting language.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

17. How to create dependencies between jobs so one job runs after another?

Show answer

Using the "needs" attribute/directive.

```\njobs:\n job1:\n job2:\n needs: job1\n```

In the above example, job1 must complete successfully before job2 runs

Remember: a good CI/CD pipeline is fast (<10 min), reliable (no flaky tests), and informative (clear failure messages). Slow pipelines kill developer productivity.

Gotcha: flaky tests erode trust in CI. Fix or quarantine them immediately. A pipeline that cries wolf is a pipeline that gets ignored.

18. True or False? gate pipelines run after the check pipelines

Show answer

True. `check` pipeline run when the change is uploaded, while the `gate` pipelines run when the change is approved by a reviewer

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

19. What is Continuous Integration?

Show answer

A development practice where developers integrate code into a shared repository frequently. It can range from a couple of changes every day or a week to a couple of changes in one hour in larger scales.

Each piece of code (change/patch) is verified to make sure that the change is safe to merge. Today, it's a common practice to test the change using an automated build that makes sure the code can be integrated.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

20. What is Continuous Delivery?

Show answer

A development strategy used to frequently deliver code to QA and Ops for testing. This entails having a staging area that has production like features where changes can only be accepted for production after a manual review. Because of this human entanglement there is usually a time lag between release and review making it slower and error prone as compared to continuous deployment.

For more info please read [here](https://www.atlassian.com/continuous-delivery/continuous-deployment)

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

21. What is Continuous Deployment?

Show answer

A development strategy used by developers to release software automatically into production where any code commit must pass through an automated testing phase. Only when this is successful is the release considered production worthy. This eliminates any human interaction and should be implemented only after production-ready pipelines have been set with real-time monitoring and reporting of deployed assets.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

22. Can you describe an example of a CI (and/or CD) process starting the moment a developer submitted a change/PR to a repository?

Show answer

There are many answers for such a question, as CI processes vary, depending on the technologies used and the type of the project to where the change was submitted.
Such processes can include one or more of the following stages:

* Compile
* Build
* Install
* Configure
* Update
* Test

An example of one possible answer:

A developer submitted a pull request to a project. The PR (pull request) triggered two jobs (or one combined job).

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

23. How to secure Jenkins?

Show answer

[Jenkins documentation](https://www.jenkins.io/doc/book/security/securing-jenkins/) provides some basic intro for securing your Jenkins server.

Remember: a good CI/CD pipeline is fast (<10 min), reliable (no flaky tests), and informative (clear failure messages). Slow pipelines kill developer productivity.

Gotcha: flaky tests erode trust in CI. Fix or quarantine them immediately. A pipeline that cries wolf is a pipeline that gets ignored.

24. What is Jenkins and what role does it play in CI/CD pipelines?

Show answer

An open-source automation server for CI/CD. Jenkins orchestrates build, test, and deploy pipelines via a web UI. It uses a master-agent architecture where the master schedules jobs and agents execute them.

Who made it: Originally 'Hudson' by Kohsuke Kawaguchi at Sun Microsystems (2004). Forked to Jenkins in 2011 after Oracle acquired Sun.

X vs Y: Jenkins (self-hosted, flexible, plugin-heavy) vs GitHub Actions (SaaS, YAML-native, tighter GitHub integration) vs GitLab CI (integrated with GitLab, YAML pipelines).

Remember: typical pipeline stages: Source -> Build -> Test -> Deploy. Mnemonic: 'Source Builds Tests Deployed.'

25. What is "blue-green deployment"?

Show answer

Running two identical environments and switching traffic between them. Blue is the current production. Green is the new version. Deploy to green, validate, then switch the load balancer/DNS to point at green. If green fails, switch back to blue instantly.

Remember: blue-green = two identical environments. Deploy to green, test, switch traffic. Rollback = switch back to blue. Zero downtime.

X vs Y: Blue-green (instant switch, 2x resources) vs canary (gradual rollout, less resources) vs rolling (in-place updates, no extra infra).

Remember: blue-green = two identical environments. Deploy to green, test, switch traffic. Rollback = switch back to blue. Zero downtime.

26. If you are managing a dozen of jobs, you can probably use the Jenkins UI. But how do you manage the creation and deletion of hundreds of jobs every week/month?

Show answer

Managing the creation and deletion of hundreds of jobs every week/month in Jenkins can be a daunting task if done manually through the UI. Here are some approaches to manage large numbers of jobs efficiently:

1. Use job templates
2. Use Job DSL
3. Use Jenkins REST API
4. Use a configuration management tool
5. Use a Jenkins job management tool

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

27. Describe how do you add new nodes (agents) to Jenkins

Show answer

You can describe the UI way to add new nodes but better to explain how to do in a way that scales like a script or using dynamic source for nodes like one of the existing clouds.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

🔴 Hard (13)

1. How do you measure your CI/CD quality? Are there any metrics or KPIs you are using for measuring the quality?

Show answer

Measuring the quality of CI/CD processes is crucial to identify areas for improvement, ensure efficient and reliable software delivery, and achieve continuous improvement. Here are some commonly used metrics and KPIs (Key Performance Indicators) to measure CI/CD quality:

1. Build Success Rate: This metric measures the percentage of successful builds compared to the total number of builds. A high build success rate indicates that the majority of builds are successful and the CI/CD pipeline is stable.
2.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

2. How would you structure/implement CD for an application which depends on several other applications?

Show answer

Implementing Continuous Deployment (CD) for an application that depends on several other applications requires careful planning and coordination to ensure smooth and efficient deployment of changes across the entire ecosystem. Here are some general steps to structure/implement CD for an application with dependencies:

1. Define the deployment pipeline
2. Automate the deployment process
3. Version control and dependency management
4. Continuous integration and testing
5. Rolling deployments
6. Monitor and manage dependencies
7. Testing across the ecosystem
8.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

3. You need to run unit tests every time a change submitted to a given project. Describe in details how your pipeline would look like and what will be executed in each stage

Show answer

The pipelines will have multiple stages:

* Clone the project
* Install test dependencies (for example, if I need tox package to run the tests, I will install it in this stage)
* Run unit tests
* (Optional) report results (For example an email to the users)
* Archive the relevant logs/files

Remember: typical pipeline stages: Source -> Build -> Test -> Deploy. Mnemonic: 'Source Builds Tests Deployed.'

4. There are four teams in your organization. How to prioritize the builds of each team? So the jobs of team x will always run before team y for example

Show answer

In Jenkins, you can prioritize the builds of each team by using the "Priority Sorter" plugin. Here are the steps to set up build prioritization:

1. Install the "Priority Sorter" plugin if it's not already installed in Jenkins.
2. Go to the Jenkins system configuration page and click on "Configure Global Security". Scroll down to the "Access Control" section and click on "Per-project basis".
3. In the "Project default actions" section, select "Configure build triggers and execution" from the dropdown menu.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

5. Whenever a build fails, you would like to notify the team owning the job regarding the failure and provide failure reason. How would you do that?

Show answer

In Jenkins, you can use the "Email Notification" plugin to notify a team when a build fails. Here are the steps to set up email notifications for failed builds:

1. Install the "Email Notification" plugin if it's not already installed in Jenkins.
2. Go to the Jenkins job configuration page and click on "Configure".
3. Scroll down to the "Post-build Actions" section and click on "Add post-build action".
4. Select "Editable Email Notification" from the list of options.
5. Fill out the required fields, such as the recipient email addresses, subject line, and email content.

6. What type of jobs are there? Which types have you used?

Show answer

In Jenkins, there are various types of jobs, including:

1. Freestyle job: This is the most common type of job in Jenkins, which allows users to define custom build steps and configure various options, including build triggers, SCM polling, and post-build actions.
2. Pipeline job: Pipeline job is a newer feature in Jenkins that allows users to define a pipeline of jobs that can be executed in a specific order. The pipeline can be defined using a Jenkinsfile, which provides a script-like syntax for defining the pipeline stages, steps, and conditions.
3.

7. How to acquire multiple nodes for one specific build?

Show answer

To acquire multiple nodes for a specific build in Jenkins, you can use the "Parallel" feature in the pipeline script. The "Parallel" feature allows you to run multiple stages in parallel, and each stage can run on a different node.

Here is an example pipeline script that demonstrates how to acquire multiple nodes for a specific build:

```tsx
pipeline {
agent any
stages {
stage('Build') {
parallel {
stage('Node 1') {
agent { label 'node1' }
steps {\

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

8. What are the limitations or disadvantages of Jenkins?

Show answer

This might be considered to be an opinionated answer:

* Old fashioned dashboards with not many options to customize it
* Containers readiness (this has improved with Jenkins X)
* By itself, it doesn't have many features. On the other hand, there many plugins created by the community to expand its abilities
* Managing Jenkins and its pipelines as a code can be one hell of a nightmare

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

9. Have you used Jenkins for CI or CD processes? Can you describe them?

Show answer

Let's assume we have a web application built using Node.js, and we want to automate its build and deployment process using Jenkins. Here is how we can set up a simple CI/CD pipeline using Jenkins:

1. Install Jenkins: We can install Jenkins on a dedicated server or on a cloud platform such as AWS or Google Cloud.
2. Install necessary plugins: Depending on the specific requirements of the project, we may need to install plugins such as NodeJS, Git, Docker, and any other plugins required by the project.
3.

10. How would you implement an option of a starting a build from a certain stage and not from the beginning?

Show answer

To implement an option of starting a build from a certain stage and not from the beginning in a Jenkins pipeline, we can use the `when` directive along with a custom parameter to determine the starting stage. Here are the steps to implement this:

1. Add a custom parameter to the pipeline. This parameter can be a simple string or a more complex data type like a map.

```tsx\n parameters {\n string(name: 'START_STAGE', defaultValue: '', description: 'The name of the stage to start the build from')\n }\n ```

2.

11. What CI/CD best practices are you familiar with? Or what do you consider as CI/CD best practice?

Show answer

* Commit and test often.
* Testing/Staging environment should be a clone of production environment.
* Clean up your environments (e.g. your CI/CD pipelines may create a lot of resources. They should also take care of cleaning up everything they create)
* The CI/CD pipelines should provide the same results when executed locally or remotely
* Treat CI/CD as another application in your organization.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

12. Do you have experience with developing a Jenkins plugin? Can you describe this experience?

Show answer

Developing a Jenkins plugin requires knowledge of Java and familiarity with Jenkins API. The process typically involves setting up a development environment, creating a new plugin project, defining the plugin's extension points, and implementing the desired functionality using Java code. Once the plugin is developed, it can be packaged and deployed to Jenkins.

The Jenkins plugin ecosystem is extensive, and there are many resources available to assist with plugin development, including documentation, forums, and online communities.

Remember: shift left — run security scanning, linting, and testing as early as possible in the pipeline. The later you find a bug, the more expensive it is to fix.

13. Explain the following:

Show answer

- Job is an automation definition = what and where to execute once the user clicks on "build"
- Build is a running instance of a job. You can have one or more builds at any given point of time (unless limited by configuration)
- A worker is the machine/instance on which the build is running. When a build starts, it "acquires" a worker out of a pool to run on it.
- An executor is variable of the worker, defining how many builds can run on that worker in parallel. An executor value of 3 means, that 3 builds can run at any point on that executor (not necessarily of the same job. Any builds)