You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/CI-CD/README.md
+22Lines changed: 22 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -57,3 +57,25 @@ CircleCI also allows workflows, parallelism and splitting your tests across any
57
57
### AppVeyor
58
58
59
59
AppVeyor is another free CI service for open source projects which also supports Windows-based builds.
60
+
61
+
## AI-assisted CI/CD authoring
62
+
AI tools can accelerate writing CI/CD pipeline YAML, jobs, and scripting snippets, but they must be used with explicit guardrails.
63
+
64
+
Suggested workflow:
65
+
- Use AI to draft CI/CD pipeline templates or job steps as a starting point (for example, generating a minimal GitHub Actions workflow).
66
+
- Run the draft pipeline in a safe non-production environment or CI sandbox to validate syntax and basic behaviour.
67
+
- Require a human reviewer to validate generated steps for correctness, idempotence, and security implications (especially around secrets, permissions, and external actions).
68
+
- Add tests or smoke checks to the pipeline so changes can be validated automatically when the pipeline runs.
69
+
- Promote approved templates into a central location (for example, `.github/workflows/` or a shared pipeline template repository) so teams reuse vetted, audited pipelines.
70
+
71
+
Guardrails and checklist (before merging AI-generated pipeline changes):
72
+
-[ ] Human review completed and documented in PR
73
+
-[ ] No secrets or credentials are hard-coded
74
+
-[ ] Required linting and syntax checks pass locally and in CI
75
+
-[ ] Security and license scans run and report no critical issues
76
+
-[ ] Pipeline steps are idempotent and have clear rollback strategies where applicable
77
+
-[ ] Generated content is annotated in the PR description (e.g., "AI-assisted draft") so reviewers know to apply extra scrutiny
78
+
79
+
Notes:
80
+
- AI-generated pipelines are excellent for reducing boilerplate and accelerating iteration, but they do not replace domain knowledge and security review.
81
+
- Maintain a small set of vetted pipeline templates to reduce risk and improve reproducibility.
Copy file name to clipboardExpand all lines: docs/agile-development/branching-and-cicd.md
+3-32Lines changed: 3 additions & 32 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -42,40 +42,11 @@ jobs:
42
42
- Automate as much of the gate (linting, unit tests, basic security scans) as possible to keep manual review focused on design and architecture.
43
43
- Adapt branch protection to match team size and delivery cadence.
44
44
45
-
---
46
-
47
-
## Alignment with CI/CD guidance
48
-
This page complements the central CI/CD guidance in `docs/CI-CD/README.md`. Key expectations teams should follow:
45
+
## CI/CD guidance
46
+
This page complements the central [CI/CD guidance](../CI-CD/README.md). Key expectations teams should follow:
49
47
50
48
- The integration (main) branch should be continuously shippable and stable — at any point we should be able to deploy a build from `main` to production if needed.
51
49
- Run a quality pipeline (linting, unit tests, basic integration tests) on each PR and on merges to the integration branch.
52
50
- Provision cloud resources and environment configuration via infrastructure-as-code (for example Terraform, Bicep, Pulumi) and exercise them in non-production environments.
53
51
- Deploy release candidates automatically to a non-production environment to validate integration and operational concerns.
54
-
- Automate release and rollback procedures so releases are repeatable and auditable.
55
-
56
-
## Tools (reference)
57
-
Refer to `docs/CI-CD/README.md` for more detail on recommended tools. Common options include:
58
-
- Azure Pipelines — recommended/used across many Microsoft engagements for CI/CD.
AI tools can accelerate writing CI/CD pipeline YAML, jobs, and scripting snippets, but they must be used with explicit guardrails.
63
-
64
-
Suggested workflow:
65
-
- Use AI to draft CI/CD pipeline templates or job steps as a starting point (for example, generating a minimal GitHub Actions workflow).
66
-
- Run the draft pipeline in a safe non-production environment or CI sandbox to validate syntax and basic behaviour.
67
-
- Require a human reviewer to validate generated steps for correctness, idempotence, and security implications (especially around secrets, permissions, and external actions).
68
-
- Add tests or smoke checks to the pipeline so changes can be validated automatically when the pipeline runs.
69
-
- Promote approved templates into a central location (for example, `.github/workflows/` or a shared pipeline template repository) so teams reuse vetted, audited pipelines.
70
-
71
-
Guardrails and checklist (before merging AI-generated pipeline changes):
72
-
- [ ] Human review completed and documented in PR
73
-
- [ ] No secrets or credentials are hard-coded
74
-
- [ ] Required linting and syntax checks pass locally and in CI
75
-
- [ ] Security and license scans run and report no critical issues
76
-
- [ ] Pipeline steps are idempotent and have clear rollback strategies where applicable
77
-
- [ ] Generated content is annotated in the PR description (e.g., "AI-assisted draft") so reviewers know to apply extra scrutiny
78
-
79
-
Notes:
80
-
- AI-generated pipelines are excellent for reducing boilerplate and accelerating iteration, but they do not replace domain knowledge and security review.
81
-
- Maintain a small set of vetted pipeline templates to reduce risk and improve reproducibility.
52
+
- Automate release and rollback procedures so releases are repeatable and auditable.
0 commit comments