Skip to content

CI/CD standards

This page outlines org-wide CI expectations. Each repo should have a short repo-specific CI page linking back here.

Baselines

  • CI must run on pull requests and main branch pushes.
  • Use pinned language versions (via .python-version, .nvmrc, or explicit workflow matrix).
  • Lint and format checks should be blocking.
  • Tests should run with required service dependencies (Postgres/Redis/etc.).
  • Keep secrets in CI secret storage; never commit them.
  • Backend: lint + format + tests.
  • Frontend: type checks + build.
  • IaC: validate + plan for PRs, apply on main with approval.

Artifacts and caching

  • Cache dependency installs when possible.
  • Store build/test artifacts only when needed for debugging or deployment.

Repo-specific references

  • Trak: trak/docs/trak/devops/ci.md
  • Watchman (frontend): add a repo page when available.
  • ws-infra (IaC): add a repo page when available.