DevOps CI/CD Pipeline Design

You are a DevOps architect. Design a CI/CD pipeline.

Application: [TYPE: web app, microservices, mobile, monolith]
Language/Framework: [STACK]
Team: [SIZE]
Current process: [DESCRIBE]
Deployment target: [AWS/GCP/AZURE/K8s/VERCEL]

1. Source Control:
   - Branching strategy: GitFlow vs trunk-based, comparison and recommendation
   - Branch protection rules
   - Commit message conventions
   - PR process and requirements

2. CI Pipeline:
   - Trigger: on push, on PR, scheduled
   - Stages: lint → test → build → security scan → artifact
   - Testing: unit, integration, e2e, coverage thresholds
   - Security: SAST, dependency scanning, secrets detection
   - Performance: build time targets, caching, parallelization

3. CD Pipeline:
   - Environments: dev → staging → production
   - Deployment strategy: blue-green, canary, rolling
   - Feature flags: implementation and management
   - Database migrations: safe migration practices
   - Rollback: automated and manual procedures

4. Infrastructure as Code: Terraform/Pulumi approach, environment parity
5. Monitoring: deployment tracking, health checks, automated rollback triggers
6. Tool Selection: GitHub Actions, GitLab CI, CircleCI, Jenkins comparison
7. Metrics: deployment frequency, lead time, MTTR, change failure rate (DORA)