Jenkins Deployment Pipelines

Deployment strategies, environment promotion, and release management

Language / Topic

Jenkins

Rules

Jenkins Deployment Pipelines · balanced balanced

- Implement environment promotion: Build -> Deploy Staging -> Approval Gate -> Deploy Production with input step

- Tag every artifact with Git commit SHA or build number — never deploy latest to production

- Use withCredentials to inject deployment secrets at runtime — never store in Jenkinsfile

- Implement health checks after deployment — fail pipeline if checks fail

- Use blue-green or canary strategies — avoid big-bang deployments

- Structure as promotion chains: Build -> Staging -> Tests -> Approval -> Production

- Use input for approval gates: input message: 'Deploy?' submitter: 'release-team'

- Tag artifacts with immutable identifiers: GIT_COMMIT or BUILD_NUMBER — never latest

- Use withCredentials for deployment secrets — scoped to block, masked in logs

- Health checks after deployment: curl --retry 5 -f https://app/health

- Blue-green: deploy to inactive environment, smoke test, switch load balancer

- Canary: small percentage first, monitor error rates, then full rollout or rollback

- Automatic rollback in post { failure { } }: kubectl rollout undo

- Use lock(resource: 'production-deploy') to prevent concurrent deployments

- Send deployment events to observability platforms for change correlation

- Notifications: Slack, Teams with commit SHA, environment, build link

- Use milestone() before deploy to abort older queued deployments