Common Stages
lint | Code style and static analysis |
test | Unit + integration tests |
build | Compile/bundle artifacts |
security-scan | SAST, SCA, container scan |
deploy-staging | Deploy to staging environment |
integration-test | E2E tests against staging |
deploy-prod | Deploy to production (with approval) |
Best Practices
fail-fast: true | Stop pipeline on first failure |
cache: dependencies | Cache node_modules, .cargo, etc. |
artifacts: reports | Store test/coverage reports |
environments: protection rules | Require approval for production |
secrets: vault/OIDC | Never hardcode secrets in pipeline |