What You’ll Learn
- Build and Publish: Automated build, test, and publish processes
- Pull Request Check: PR validation, quality checks, and security scans
- Release: Production release and publishing
- Release Draft: Create release drafts with quality checks
- Hotfix Release: Automatic hotfix release drafts
- Repository Provisioning: Initial repository setup and configuration
- Reusable Components: Common workflows and actions reference
- Configuration: Configuration files, secrets, and templates
CI/CD Pipeline Overview
The Agentic AI platform uses a comprehensive CI/CD pipeline that automates:
- Repository Provisioning: Initial setup when cloning from template
- Pull Request Validation: Quality checks, security scans, and testing on PRs
- Build and Publish: Automated build and artifact publishing on merge
- Release Management: Create release drafts and publish production releases
- Hotfix Handling: Emergency release process for critical fixes
backbase-common/gc-ai-workflows for consistency across all agent projects.
Reusable Workflows and Actions
All workflows use standardized reusable components from backbase-common/gc-ai-workflows:
Reusable Workflows
- build-publish.yaml: Complete build, test, and publish pipeline
- pull-request-check.yaml: Comprehensive PR validation workflow
Reusable Actions
- setup-project: Project environment setup with Python and uv
- code-quality: Code quality checks (pylint, pytest, hadolint)
- sonar-check: SonarCloud code analysis
- security-check: Trivy vulnerability scanning
- promptfoo-evaluation: LLM prompt evaluation
- promptfoo-redteaming: Security and adversarial testing
- build-docker: Docker image building
- push-docker: Docker image publishing to Azure ACR
- create-release-draft: Release draft creation with versioning
- provision-python-project: Python project template provisioning
- validate-pull-request-body: PR body validation
- check-action-pinning: GitHub Actions security validation
- resolve-metadata: Version and metadata resolution
- setup-promptfoo: Promptfoo environment setup
Workflow Files Location
All CI/CD workflows are defined in the .github/workflows/ directory in your agent repository:
- build-publish.yaml: Build and publish artifacts on PR merge
- pull-request-check.yaml: PR validation and quality checks
- release.yaml: Production release workflow
- release-draft.yaml: Create release drafts manually
- hotfix-release-draft.yaml: Create hotfix release drafts
- repository-provisioning.yaml: Initial repository setup
backbase-common/gc-ai-workflows and follow standardized CI/CD practices.
Workflow Stages
Repository Provisioning
Automated setup when creating a new agent from template, including project configuration and baseline versioning.
Pull Request Validation
Comprehensive validation including:
- Code quality checks (pylint, pytest, hadolint)
- Security scanning (Trivy)
- SonarCloud analysis
- Testing (Promptfoo evaluation, Redteam)
- PR body validation
Build and Publish
Automated build and artifact publishing triggered on PR merge, with optional quality gates for main/develop branches:
- Docker image building
- Security scanning
- Publishing to Azure Container Registry
Release Management
- Manual release draft creation with quality checks
- Automatic hotfix release drafts
- Production release publishing with full quality gates
Benefits
- Automation: Reduce manual errors and speed up delivery
- Quality: Automated testing and validation at every stage
- Consistency: Standardized processes across all agent projects via reusable workflows
- Visibility: Clear feedback on build and deployment status
- Security: Integrated security scanning and quality gates