Skip to main content
Jenkins Pipeline
CHAPTER 08

CI/CD Workflows with Jenkins

Updated: May 15, 2026
25 min read

# CHAPTER 8

CI/CD Workflows with Jenkins

1. Introduction

A pipeline is simply a script that runs commands. The true value of Jenkins lies in the *logic* of the workflow you design. A poorly designed workflow will slow developers down; a well-designed CI/CD workflow acts as an automated quality control inspector, catching bugs before they reach customers. In this chapter, we will design a professional CI/CD workflow, explicitly defining the stages of Build, Test, and Deploy, and understanding how Jenkins acts as a strict gateway for code quality.

2. Learning Objectives

By the end of this chapter, you will be able to:
  • Map out a standard Continuous Integration workflow.
  • Understand the sequence of Build, Test, and Deploy stages.
  • Explain "Fail Fast" methodology in pipeline design.
  • Differentiate between staging and production deployment workflows.
  • Architect a basic CI/CD pipeline for a web application (e.g., PHP/Node.js).

3. Beginner-Friendly Explanation

Imagine a car manufacturing plant's quality control line.
  • The Build Stage (Assembly): The robot puts the engine in the car. If the engine doesn't fit, the robot hits the red button, the line stops, and the car is thrown out.
  • The Test Stage (The Dyno): The car moves to the next station. The robot turns the key. If the engine doesn't start, the robot hits the red button. The line stops.
  • The Deploy Stage (The Showroom): The car passed assembly and testing. A human inspector looks at it, nods, and the robot drives the car into the customer showroom.

A CI/CD workflow is a strict sequence. The code must survive every stage. If it fails a stage, Jenkins hits the red button and rejects the code.

4. The Anatomy of a Professional Workflow

A standard CI/CD pipeline contains the following sequence:
  1. 1. Checkout: Download the latest code from Git. (Jenkins does this implicitly when using Pipeline from SCM).
  1. 2. Build/Install Dependencies: For PHP, this means running composer install. For Node.js, npm install. This gathers all required third-party libraries.
  1. 3. Static Analysis (Linting): Checking the code for syntax errors without running it. (e.g., "Did the developer forget a semicolon?")
  1. 4. Unit Testing: Running automated scripts to verify individual functions work correctly.
  1. 5. Archive/Package: Zipping up the approved code or building a Docker image.
  1. 6. Deploy to Staging: Pushing the code to a private server so QA teams can test it.
  1. 7. Deploy to Production (Manual Approval): Waiting for a manager to click "Approve" before pushing to the live servers.

5. The "Fail Fast" Methodology

Pipelines should be designed to Fail Fast. If a developer writes broken code, they should know immediately. You should always put the fastest tests (like Syntax Linting, which takes 2 seconds) *before* the slow tests (like End-to-End browser testing, which might take 10 minutes). If the syntax is broken, Jenkins immediately fails the build at minute 1, saving 9 minutes of wasted server compute time.

6. Mini Project: Build a CI/CD Workflow for a PHP App

Let's translate the standard workflow into a Declarative Jenkinsfile for a PHP application.

Step-by-Step Pipeline Concept:

groovy
1234567891011121314151617181920212223242526272829303132333435363738 
pipeline {
    agent any
    stages {
        stage('Install Dependencies') {
            steps {
                echo 'Downloading PHP packages...'
                // Install dependencies securely
                sh 'composer install --no-dev --optimize-autoloader'
            }
        }
        stage('Static Analysis (Linting)') {
            steps {
                echo 'Checking for syntax errors...'
                // A fast check. Fails fast if there is a syntax error.
                sh 'find . -name "*.php" -print0 | xargs -0 -n1 php -l'
            }
        }
        stage('Unit Testing') {
            steps {
                echo 'Running PHPUnit tests...'
                // A slower check. Verifies the logic works.
                sh './vendor/bin/phpunit tests/'
            }
        }
        stage('Deploy to Staging') {
            steps {
                echo 'Tests passed! Deploying to the staging server...'
                // We will cover deployment tools in later chapters
                sh './deploy_script.sh staging'
            }
        }
    }
    post {
        failure {
            echo 'Pipeline failed! Code is rejected.'
        }
    }
}

7. Real-World Scenarios

A startup had a pipeline where the "Deploy to Staging" step happened *before* the "Unit Testing" step. The developers thought this was fine because "we test it on the staging server anyway." One day, a developer pushed code with a catastrophic syntax error. Jenkins blindly deployed it to the staging server, crashing the staging server entirely. The QA team couldn't work for hours while IT rebuilt the server. The DevSecOps engineer rewrote the pipeline logic: Code is strictly tested in isolated Jenkins workspaces *first*, and only deployed if it mathematically proves it functions correctly.

8. Best Practices

  • Isolate Environments: The environment where Jenkins builds and tests the code (the Jenkins Workspace) must be completely separate from the Staging and Production web servers. Jenkins should act as a bridge, testing in isolation, and then pushing only the clean, verified artifact to the final destination.

9. Security Recommendations

  • Clean the Workspace: During the Install Dependencies stage, malicious code can sometimes be downloaded if a dependency is compromised (Supply Chain Attack). Ensure your Jenkins pipeline always starts with a completely clean workspace to prevent compromised files from lingering between builds.

10. Troubleshooting Tips

  • Permissions Errors: If your sh 'composer install' step fails with a "Permission Denied" error, it is because the Linux user running Jenkins (usually the jenkins user) does not have read/write access to the directories. Ensure the Jenkins user has ownership of the workspace.

11. Exercises

  1. 1. Explain the "Fail Fast" pipeline methodology. Give an example of two stages and explain which should run first.
  1. 2. Why is it dangerous to deploy code to a server before running Unit Tests?

12. FAQs

Q: How do I add a manual approval step before deploying to Production? A: Jenkins provides an input step. You can add a stage that says input message: 'Deploy to Production?'. The pipeline will pause indefinitely, wait for an authorized human to log into the Jenkins UI and click "Proceed," and then continue to the deployment stage.

13. Interview Questions

  • Q: Outline a standard CI/CD workflow for a web application. Justify the sequence of the stages in terms of execution time and risk mitigation.
  • Q: A developer complains that their builds take 20 minutes to fail because Jenkins is running heavy integration tests before simple syntax linting. How do you architect the pipeline to improve developer feedback loops?

14. Summary

In Chapter 8, we transitioned from writing scripts to designing architecture. We learned that a Jenkins pipeline is a strict quality control assembly line. By enforcing a sequence of Install, Lint, Test, and Deploy, we guarantee that only proven, functional code reaches our servers. We embraced the "Fail Fast" methodology to optimize server compute time and provide immediate feedback to developers, turning Jenkins into the ultimate guardian of application stability.

15. Next Chapter Recommendation

To accomplish complex tasks like sending Slack messages or interacting with Docker, Jenkins needs new tools. Proceed to Chapter 9: Jenkins Plugins and Extensions.

Finish this Chapter

Save your progress on your learning path and prepare for coding interview challenges.

Previous Chapter Git and GitHub Integration
Next Chapter Jenkins Plugins and Extensions

Discussion

Join the discussion

Log in or create a free account to participate.

Sort: ·

Explore More

📖 Related Tutorials 4

Related Quizzes 5