DevOps & Infrastructure · 2025-12-21 · 6 min read

A CI/CD Pipeline That Actually Works (Under 200 Lines of YAML)

Tags: ci/cd, github actions, automation, devops, deployment

We have inherited CI/CD pipelines from other teams at least twenty times. They fall into two categories. Category one: a GitHub Actions workflow that runs npm install and deploys to production on every push to main. No tests, no linting, no type checking. It ships bugs fast. Category two: a 500-line YAML file running linting, type checking, unit tests, integration tests, E2E tests, security scanning, bundle analysis, and Lighthouse audits. It takes 45 minutes and fails 20% of the time because of flaky E2E tests. It ships nothing, because developers stop waiting for it.

Our pipeline sits in the middle. It runs in under 8 minutes and catches the bugs that matter.

Stage one: Static Analysis, 60-90 seconds. TypeScript type checking, ESLint, and Prettier format checking run as three parallel jobs, catching the cheapest bugs without building anything.

Stage two: Tests, 2-4 minutes. Unit and integration tests with Vitest. Integration tests run against a real PostgreSQL instance in a Docker service container; migrations run as setup in about 15 seconds. That is far cheaper than mocking the database and far more reliable at catching real bugs.

Stage three: Build and Performance, 2-3 minutes. Production build, bundle size analysis against budgets, and Lighthouse CI on key pages. The build artifact is uploaded for the deploy stage.

Stage four: Deploy, 30-60 seconds. Push the artifact to hosting. This stage runs only on pushes to main; a pull request run, whatever branch or fork it comes from, never reaches it.
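Here is one way the four stages lay out as a single GitHub Actions workflow. This is an added example, not the pipeline from the post; the script names db:migrate, bundle-budget and scripts/deploy.sh, the secret DEPLOY_TOKEN, the Node and PostgreSQL versions, and the job names are all assumptions. Two things a security reviewer checks first are built in: the workflow token is read-only (permissions: contents: read), and the deploy job is gated on a push event to main, so a pull_request run, including one from a fork, can never reach it or the production environment's secrets.

```yaml
# .github/workflows/ci.yml (added example; hypothetical names are marked as such)
name: ci
on:
  push:
    branches: [main]
  pull_request:

# Least privilege for GITHUB_TOKEN: nothing in this workflow writes to the repo.
permissions:
  contents: read

# A newer push to the same branch or PR cancels the superseded run.
concurrency:
  group: ci-${{ github.ref }}
  cancel-in-progress: true

jobs:
  # Stage one: three independent jobs, nothing is built.
  static:
    name: static / ${{ matrix.check }}
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        include:
          - { check: typecheck, cmd: npx tsc --noEmit }
          - { check: lint,      cmd: npx eslint . }
          - { check: format,    cmd: npx prettier --check . }
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: 20, cache: npm }   # npm cache keyed on the package-lock.json hash
      - run: npm ci
      - run: ${{ matrix.cmd }}

  # Stage two: Vitest against a real PostgreSQL service container.
  test:
    runs-on: ubuntu-latest
    services:
      postgres:
        image: postgres:16
        env:
          POSTGRES_PASSWORD: postgres   # throwaway credential; the container dies with the job
          POSTGRES_DB: app_test
        ports: ['5432:5432']
        options: >-
          --health-cmd "pg_isready -U postgres"
          --health-interval 5s --health-timeout 5s --health-retries 10
    env:
      DATABASE_URL: postgresql://postgres:postgres@localhost:5432/app_test
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: 20, cache: npm }
      - run: npm ci
      - run: npm run db:migrate     # hypothetical script: applies migrations to the service DB
      - run: npx vitest run

  # Stage three: production build, bundle budget, Lighthouse CI; artifact handed to deploy.
  build:
    needs: [static, test]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: 20, cache: npm }
      - run: npm ci
      - uses: actions/cache@v4      # Next.js incremental build cache
        with:
          path: .next/cache
          key: nextjs-${{ runner.os }}-${{ hashFiles('**/package-lock.json') }}-${{ hashFiles('**/*.[jt]s', '**/*.[jt]sx') }}
          restore-keys: nextjs-${{ runner.os }}-${{ hashFiles('**/package-lock.json') }}-
      - run: npm run build
      - run: npm run bundle-budget  # hypothetical script: fails when a chunk exceeds its budget
      - run: npx lhci autorun       # pages and thresholds come from the repo's lighthouserc file
      - uses: actions/upload-artifact@v4
        with:
          name: site
          path: .next
          retention-days: 1

  # Stage four: only a push event on main reaches this job; pull_request runs never do.
  deploy:
    needs: build
    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    environment: production       # deploy secrets live here, not in repository-wide secrets
    steps:
      - uses: actions/checkout@v4
      - uses: actions/download-artifact@v4
        with: { name: site, path: .next }
      - run: ./scripts/deploy.sh    # hypothetical: pushes the artifact to hosting
        env:
          DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}   # hypothetical secret name
```

The job names (static / typecheck, static / lint, static / format, test, build) are what branch protection lists as required status checks. Before trusting this with production credentials, pin each third-party action to a full commit SHA rather than a version tag, so a moved tag cannot swap in different code under the same name.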

What we deliberately exclude: E2E tests in CI. This is our most controversial decision. E2E suites are the slowest and flakiest category; a 10-minute suite that fails 15% of the time on timing issues destroys developer trust. We run Playwright locally before merging and nightly against staging instead.

Caching is critical: node_modules keyed on the package-lock.json hash, the Next.js build cache, and Playwright binaries for the nightly runs. Without caching the pipeline takes 12-15 minutes; with it, 6-8.
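The nightly Playwright run against staging mentioned above, with the Playwright browser binaries cached as described in the caching paragraph, could look like this. It is an added example, not the post's own workflow; the schedule, the timeout, the STAGING_URL configuration variable, and the assumption that playwright.config reads its baseURL from BASE_URL are all hypothetical.

```yaml
# .github/workflows/nightly-e2e.yml (added example; hypothetical values are marked as such)
name: nightly-e2e
on:
  schedule:
    - cron: '0 3 * * *'      # 03:00 UTC daily; hypothetical schedule
  workflow_dispatch:          # manual trigger for an on-demand run

permissions:
  contents: read

jobs:
  e2e:
    runs-on: ubuntu-latest
    timeout-minutes: 30       # a hung browser must not hold the runner all night
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: 20, cache: npm }
      - run: npm ci

      # Browser binaries keyed on the lockfile, so a Playwright upgrade invalidates the cache.
      - id: pw-cache
        uses: actions/cache@v4
        with:
          path: ~/.cache/ms-playwright
          key: playwright-${{ runner.os }}-${{ hashFiles('**/package-lock.json') }}
      - if: steps.pw-cache.outputs.cache-hit != 'true'
        run: npx playwright install --with-deps
      - if: steps.pw-cache.outputs.cache-hit == 'true'
        run: npx playwright install-deps    # OS libraries are not part of the cached directory

      - run: npx playwright test
        env:
          BASE_URL: ${{ vars.STAGING_URL }}  # hypothetical: playwright.config reads baseURL from it

      # Keep the HTML report even when the suite fails; that is when it is needed.
      - if: always()
        uses: actions/upload-artifact@v4
        with:
          name: playwright-report
          path: playwright-report/
          retention-days: 7
```

Because this workflow is not part of the pull request checks, a flaky night costs nobody a merge; the report artifact is what the team looks at in the morning.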

Branch protection enforces everything: all checks must pass, one approving review is required, and nobody pushes directly to main. We track average pipeline duration (alert above 10 minutes) and weekly failure rate (alert above 15%).

A fast, reliable pipeline catching 90% of bugs is infinitely better than a slow, flaky one catching 99% that nobody trusts.

About the Author

Fordel Studios

AI-native app development for startups and growing teams. 14+ years of experience shipping production software.
