Design a CI/CD pipeline

Q: Design a CI/CD pipeline

This is a System Design interview question from OpenAI for Software Engineer roles. View the full question and solution on PracHub.

Q: How do I approach System Design interview questions?

System Design questions require understanding of core concepts and practice. PracHub provides solutions with explanations to help you master system design interviews.

Question

System Design: Scalable CI/CD for Dozens of Microservices

Context

You are designing a CI/CD platform to support dozens of polyglot microservices (e.g., Go/Java/Node/Python) deployed to Kubernetes on a major cloud provider. The organization needs fast, reliable, compliant delivery with robust security and observability.

Task

Design the end-to-end CI/CD architecture and explain how it scales and remains secure and cost-effective. Cover the following:

Triggers and Workflow
- Supported triggers: push, pull request, schedule, manual.
- Branching strategy and environments (dev/staging/prod).
Build and Dependencies
- Build isolation, reproducibility, and caching (container layer cache, remote cache, language caches).
- Dependency management (lockfiles, proxies/mirrors).
Testing Strategy
- Orchestration for unit, integration, and end-to-end tests.
- Parallelization/sharding, data setup, flaky-test handling.
Artifacts and Versioning
- What artifacts are produced (images, packages, Helm charts).
- Versioning scheme, metadata, immutability.
Promotion and Deployment
- Environment promotion model (e.g., GitOps).
- Deployment strategies: rolling, blue/green, canary with automated analysis.
- Rollback strategy.
Observability
- CI/CD pipeline observability and application runtime observability (logs, metrics, traces, alerting).
Secrets and Access
- Secret management, short-lived credentials, separation of duties.
Scaling the Platform
- Runners/executors autoscaling, isolation, caching at scale.
- Supporting monorepo vs. multirepo.
Governance and Compliance
- Approvals, change management, policy-as-code, auditability.
Reliability and Recovery

Rollback and disaster recovery for both apps and the CI/CD platform.

Cost Controls

Techniques to control compute, storage, and tooling costs.

Supply Chain Security

SBOM, signing, provenance/attestations, admission controls.

KPIs/SLOs and On-call

Key delivery and platform KPIs/SLOs.
On-call playbook for failed deployments.

Provide assumptions if needed and clearly justify design choices.

Design a CI/CD pipeline

System Design: Scalable CI/CD for Dozens of Microservices

Context

Task

Solution

Comments (0)