Salesforce Dictionary - Free Salesforce GlossarySalesforce Dictionary
Salesforce Architect
medium

How do you architect CI/CD for a Salesforce project?

Goal: code goes from PR -> sandbox -> production with quality gates and minimal manual work.

Components:

1. Source control.

  • Git repository (GitHub / GitLab / Bitbucket).
  • Branch strategy: feature branches off develop; develop to main for production.

2. Salesforce DX.

  • Source format metadata.
  • sfdx-project.json defines structure.
  • Scratch orgs for feature dev.

3. CI/CD platform.

  • GitHub Actions, GitLab CI, Bitbucket Pipelines, Jenkins, CircleCI.
  • Or Salesforce DevOps Center for in-platform.

4. Pipeline stages:

On PR open:

  • Create scratch org.
  • Deploy source to scratch.
  • Run all Apex tests with coverage.
  • Run PMD / ESLint.
  • Run Jest tests.
  • Validate metadata.
  • Comment on PR with results.
  • Delete scratch org.

On merge to develop:

  • Validate-only deploy to UAT sandbox.
  • If clean, deploy.
  • Run smoke tests.
  • Notify team.

On merge to main:

  • Validate-only deploy to production.
  • Manual approval gate.
  • Deploy to production.
  • Run smoke tests.
  • Notify team.

5. Quality gates:

  • 75% Apex coverage.
  • PMD findings under threshold.
  • ESLint clean.
  • All tests pass.
  • Security review passed (for sensitive changes).

6. Secrets management.

  • Per-org auth tokens stored as CI secrets.
  • JWT-based auth for headless CI.

7. DevOps tooling:

  • DevOps Center (Salesforce native, free).
  • Gearset / Copado / Salto / AutoRABIT / Flosum — managed packages with diffing, conflict detection, scheduled releases.
  • Choose based on team size, complexity, budget.

8. Branching strategy:

  • Trunk-based — one main branch; short-lived feature branches.
  • Git Flow — main + develop + release + hotfix branches.
  • GitHub Flow — main + feature branches; ship-and-iterate.

9. Sandbox strategy:

  • Per-developer scratch orgs.
  • Shared dev sandbox.
  • UAT / staging.
  • Production.

10. Observability:

  • Deploy logs.
  • Test results trend.
  • Time-to-deploy trend.
  • Failure rate.

Architect role: design the pipeline; standardise across teams; iterate based on metrics.

Common pitfalls:

  • No CI — manual deploys forever.
  • Slow pipeline — devs bypass to "get work done".
  • No quality gates — broken code reaches production.
  • Over-engineered — pipeline complexity exceeds value.

Modern Salesforce projects expect CI/CD. Without it, you're slow, error-prone, and increasingly behind the platform's expectations.

Why this answer works

Senior. The pipeline stages, tooling options, and quality-gate framework are mature.

Follow-ups to expect

Related dictionary terms