Ci Cd Fundamentals
Can you explain build automation?
Can you explain Continuous Integration, Continuous Delivery, and Continuous Deployment and highlight the differences between them?
Can you explain what Continuous Integration is and its benefits?
How does CI help in solving "integration hell" or late/big-bang merges?
What does 'stop-the-line' or fail-fast mean in a CI pipeline, and why does it matter?
What does 'works on my machine' reveal about a build process, and how does CI address it?
What does "self-testing builds" mean in the context of CI?
What is a build failure and what is the broken-build discipline?
What is a CI/CD pipeline, and what are its main stages?
What is CI/CD and why is it important in software development?
What is the deployment pipeline concept, and what problem does it solve in software delivery?
What is the importance of integrating code frequently in CI?
What is the value of small, frequent deployments over large infrequent releases?
Why is fast feedback important in a CI/CD pipeline, and how do you achieve it?
Why should every part of the delivery process live in version control, and what belongs there?
Deployment Strategies
Describe the blue/green deployment strategy and explain how it achieves zero downtime.
Explain blue-green and canary deployment strategies. What are their advantages and disadvantages?
Explain rolling deployment and how it differs from the recreate strategy.
What is a deployment freeze and when is it appropriate?
What is automated canary analysis and how does it drive automated rollback?
What is blast-radius control in the context of deployments, and how do you limit it?
What is canary deployment and when would you use it?
What is ring-based or progressive delivery?
What is shadow or traffic-mirroring deployment and when would you use it?
Security & Supply Chain
Explain the concept of shift-left security in the context of CI/CD.
How do you address security vulnerabilities identified by scanning tools in a pipeline?
How do you incorporate security into your CI/CD pipeline (DevSecOps)?
How do you securely manage sensitive data like API keys, database credentials, and access tokens within your CI/CD pipeline configuration, and what are common mistakes?
What are the risks of self-hosted runners and how do you secure them?
What does least-privilege mean for pipeline permissions and runners?
What is an SBOM and what role does it play in pipeline security?
What is software supply-chain security, and what do SLSA, artifact signing, and provenance address?
What is the difference between SAST, DAST, and dependency scanning as pipeline gates?
Why are short-lived or OIDC-based credentials preferred over static secrets in pipelines?
Pipeline Design & Architecture
Explain the difference between declarative and scripted pipelines in the context of pipeline-as-code.
Explain the role of automated testing in Continuous Integration and Continuous Delivery pipelines.
How do you design a CI/CD pipeline?
How do you reason about and reduce overall pipeline cycle time?
How would you configure a pipeline to react to specific branches, such as building only on main or running extensive tests on feature branches before merge?
How would you integrate CI/CD pipelines to automate deployments when deploying an application to the cloud?
How would you migrate from manual deployments to CI/CD?
Outline the common stages of a robust CI/CD pipeline and the primary goal of each stage, explaining why they exist in that order.
What are pipeline templates and reusable pipeline definitions, and why are they valuable?
What are pipeline triggers and how do they initiate a pipeline run?
What are some strategies for optimizing CI/CD pipelines?
What is lead time for changes and how do you reduce it in a pipeline?
What is the difference between stages, jobs, steps, and tasks in a pipeline?
Delivery Vs Deployment
Explain the precise distinctions between Continuous Delivery and Continuous Deployment.
What are feature flags and how do they enable continuous deployment?
What does it mean to decouple deployment from release, and why is that valuable?
What is the importance of reproducible builds in CI/CD?
What role does manual approval play in Continuous Delivery versus Continuous Deployment?
When would you choose Continuous Delivery over Continuous Deployment, and vice versa?
Why do you need backward and forward compatibility when deploying changes, and how does expand-contract handle it?
Infrastructure As Code & Gitops
How do CI/CD and Kubernetes work together at a conceptual level?
How do drift detection and self-healing work in a GitOps model?
How does Infrastructure as Code integrate into your CI/CD pipeline?
How is environment promotion handled through git in a GitOps workflow?
What is drift in infrastructure and why is it a concern in CI/CD?
What is immutable infrastructure and how does it relate to CI/CD?
What is the difference between push-based and pull-based deployment in GitOps?
Runners & Agents
How do runner pools, labels, and tags help route jobs to the right agents?
What are the trade-offs between hosted and self-hosted runners?
What is a CI/CD runner or agent?
What is the difference between ephemeral and persistent runners, and why prefer ephemeral ones?
What is the difference between Jenkins agents and controllers?
Testing & Quality Gates
How do smoke tests and health checks act as deployment verification gates in a pipeline?
How do you integrate static code analysis into a CI/CD pipeline, and what is its purpose?
How do you set and enforce code coverage thresholds as a quality gate, and what are the pitfalls?
How does the test pyramid influence the design and speed of a CI/CD pipeline?
What are quality gates in a CI/CD pipeline?
What is a flaky test, what is its negative impact on the CI/CD pipeline, and how do you deal with them?
Where and how do different types of tests (unit, integration, end-to-end) fit into a CI/CD pipeline?
Rollback & Release Safety
How do you ensure reliable rollback operations after a deployment issue?
How do you handle database migration safely within your pipeline, especially for zero-downtime deployments?
What are common rollback strategies in CI/CD, and when would you use them?
What is the difference between rollback and roll-forward, and when would you choose each?
Builds Artifacts & Dependencies
How do you handle dependency version conflicts in a CI/CD pipeline?
How do you tag and store build outputs to ensure traceability?
What does 'build once, promote the same artifact' mean and why is it a best practice?
What is a build artifact, and what is the importance of an artifact repository in the CI/CD process?
What is a hermetic build and why does it matter for reproducibility?
What is idempotency in automation in the context of deployments?
What versioning schemes are used for build artifacts, and what are the trade-offs of semantic versioning versus git-SHA or build-number tagging?
Why do lockfiles matter for dependency management in a CI/CD pipeline?
Environments & Configuration
How do you handle environment-specific configurations in a CI/CD pipeline?
What are ephemeral environments in the context of CI/CD?
Metrics Reliability & Anti Patterns
How do you measure and improve pipeline reliability and reduce pipeline flakiness?
What are common CI/CD anti-patterns to avoid?
What are DORA metrics and how do they measure software delivery performance?
What is change-failure rate and how can a pipeline help lower it?
What is MTTR in the context of deployments and how do CI/CD practices improve it?
What is the difference between a CI server/orchestrator and a build tool?
Stages Jobs & Execution
How do you parallelize or shard tests to speed up a pipeline, and what challenges does that introduce?
How do you pass artifacts or state between stages of a pipeline?
What are caching strategies in CI/CD and why are they important?
What are fan-in and fan-out in a pipeline, and when would you use them?
What is a matrix build and when is it useful?
What is parallel execution in pipelines?
Branching & Integration Strategy
How does trunk-based development enable Continuous Integration?
What are the trade-offs between trunk-based development and GitFlow, and when would you use each in a CI/CD context?
What is pipeline as code?
What special concerns arise when designing pipelines for a monorepo versus multiple repositories?