CI/CD is where good engineering habits become visible. These questions check whether a candidate understands automated delivery, not just how to click “merge.”
Hiring a CI/CD developer is easy. Telling a real one from a convincing résumé is the hard part — and it’s most of what we do. These are grouped by level, because the same question that stretches a junior is a warm-up for a senior.
Junior CI/CD interview questions
0–2 years
Fundamentals.
What is the difference between continuous integration, delivery and deployment?
CI merges and tests changes frequently; continuous delivery keeps them always releasable; continuous deployment ships every passing change automatically.
Uses the terms interchangeably.
What is a build pipeline?
An automated sequence — build, test, package, deploy — triggered by code changes, giving fast feedback.
Builds and deploys manually from a laptop.
Why automate tests in CI?
To catch regressions early on every change, so problems are cheap to fix and merges stay safe.
Runs tests occasionally, by hand.
What is a build artifact?
The packaged output of a build (binary, image, bundle) that is versioned and deployed, ideally built once and promoted.
Rebuilds separately for each environment.
What triggers a pipeline?
Events like a push, pull request, tag or schedule; branch rules decide what runs.
No idea what starts the pipeline.
Why is version control central to CI/CD?
Every change flows through source control, which triggers pipelines and provides history and rollback points.
Deploys code that isn’t committed.
What is the value of failing fast?
Stopping the pipeline on the first failure gives quick, clear feedback and prevents shipping broken code.
Lets a red build proceed to deploy.
What are pipeline stages and gates?
Ordered phases (test, security scan, deploy) with gates that must pass before promotion.
Deploys straight to prod with no gates.
Mid-level CI/CD interview questions
2–5 years
Testing and deployment.
What deployment strategies do you know?
Rolling, blue-green and canary, each trading rollout speed against risk and resource cost.
Only knows “replace everything at once.”
How do you enable safe rollbacks?
Immutable, versioned artifacts and one-command rollback to the previous version, plus database changes that are backward-compatible.
Has no rollback plan beyond redeploying old code manually.
How do you structure a good test pyramid in CI?
Many fast unit tests, fewer integration tests, and a small number of end-to-end tests to balance speed and confidence.
Relies solely on slow, flaky end-to-end tests.
How do you keep pipelines fast?
Caching dependencies and layers, parallelising jobs, running only affected tests, and failing fast.
Rebuilds everything from scratch every run.
How do you manage secrets in a pipeline?
Secret stores and masked variables injected at runtime, never committed or printed in logs.
Hardcodes credentials in the pipeline config.
How do you handle database migrations in deployment?
Backward-compatible, automated migrations decoupled from code deploy (expand/contract) to avoid downtime.
Runs risky migrations manually at deploy time.
What is a feature flag and how does it help delivery?
A runtime toggle that decouples deploy from release, enabling gradual rollout and quick disablement without redeploying.
Branches for months instead of merging behind a flag.
How do you deal with flaky tests?
Quarantine and fix them, since flakiness erodes trust and encourages ignoring failures.
Reruns until green and ignores the flakiness.
Senior CI/CD interview questions
5+ years
Strategy and reliability.
How do you design a pipeline for a large team?
Trunk-based development, short-lived branches, fast reliable checks, automated gates, and progressive delivery.
Long-lived branches and manual release trains.
How do you build security into the pipeline (DevSecOps)?
Dependency and container scanning, secret detection, SAST/DAST, and signed artifacts as gates.
Security checks happen manually, if at all.
How do you achieve zero-downtime deployments?
Backward-compatible changes, health-checked rolling or blue-green deploys, and connection draining.
Takes the service down to deploy.
How do you measure delivery performance?
DORA metrics — deployment frequency, lead time, change-failure rate and time to restore — to guide improvement.
No metrics on delivery health.
How do you implement progressive delivery with automated rollback?
Canary releases gated on error/latency metrics that auto-roll-back on regression.
Ships to everyone and rolls back manually after users complain.
How do you promote a single artifact across environments?
Build once, then deploy the identical artifact to staging and prod with environment-specific config, ensuring parity.
Builds separately per environment, causing drift.
How do you keep CI/CD reliable and trustworthy?
Fast, deterministic pipelines, quarantined flakes, clear ownership, and observability into pipeline health.
A slow, flaky pipeline everyone bypasses.
How do you handle infrastructure changes in CI/CD?
Infrastructure as code with plan/review/apply gates and drift detection, treated like application code.
Makes infra changes by hand outside the pipeline.
Build and score a full interview with our free interview scorecard tool, browse the full question hub, or see how we interview engineers.