Continuous integration (CI) workflows are DevOps automations saved as YAML files that orchestrate build, test, and deployment activities as part of a fast development feedback loop. Understanding workflow architecture is essential for designing effective CI strategies, optimizing development velocity, and leveraging CloudBees Unify’s integrated platform capabilities. Workflows serve as the connective tissue between CloudBees Unify’s functional areas, coordinating security scanning, analytics collection, feature management, and release orchestration.
| CI workflows cover the build, test, and lightweight deployment activities that provide fast feedback to developers. For controlled release progression through environments (including approval gates, audit trails, and multi-component coordination), refer to Understanding release orchestration. |
What are CI workflows in CloudBees Unify?
CI workflows are platform-native automations that execute within CloudBees Unify’s unified ecosystem. Unlike standalone CI tools, CloudBees Unify workflows integrate automatically with the platform’s security scanning, analytics dashboards, feature management, and release orchestration capabilities.
Workflows are stored as YAML files in your repository’s .cloudbees/workflows/ directory and execute on CloudBees Unify’s shared Kubernetes infrastructure.
This platform-native approach eliminates the integration complexity typically required to connect separate CI/CD tools, security scanners, and analytics platforms.
The platform’s component-based organization means workflows operate within well-defined boundaries that align with CloudBees Unify’s security model, analytics collection, and cross-functional collaboration patterns.
Workflow architecture fundamentals
Every CloudBees Unify workflow follows a two-part architecture: triggers define when automation runs, and jobs define what automation does. This separation allows flexible event handling while maintaining clear execution boundaries.
Triggers respond to development activities like code pushes, pull requests, or scheduled events. Jobs contain the actual work steps that run in isolated, containerized environments on CloudBees Unify’s Kubernetes infrastructure. The platform handles job scheduling, resource allocation, and execution monitoring automatically.
This architecture enables CloudBees Unify to coordinate workflows across components and organizations while maintaining security isolation and resource efficiency. When workflows execute, they automatically integrate with the platform’s built-in capabilities rather than requiring manual configuration of external integrations.
Workflow types in the CloudBees Unify platform
CloudBees Unify supports two workflow types that serve different automation needs within the unified platform context.
Standard workflows handle CI activities like building, testing, and deploying code changes. These workflows automatically integrate with CloudBees Unify’s security scanning engines, publishing results to the platform’s analytics dashboards and feeding data into DORA metrics collection. Standard workflows are designed for fast feedback loops and developer productivity.
Staged workflows coordinate release management activities that span multiple components or require approval gates. These workflows connect to CloudBees Unify’s release orchestration capabilities, enabling controlled progression through environments with proper audit trails and compliance tracking. Staged workflows are optimized for coordination and control rather than speed.
The choice between workflow types depends on whether you’re optimizing for development velocity (standard) or release coordination (staged). Both types leverage the same underlying platform infrastructure and integration capabilities.
Understanding triggers in the platform ecosystem
CloudBees Unify workflows use five trigger types that integrate naturally with the platform’s component and organizational structure.
Push triggers initiate CI flows when code changes arrive. These triggers automatically coordinate with CloudBees Unify’s security scanning engines, ensuring that vulnerability detection, secret scanning, and compliance checks execute as part of the standard development workflow. Push triggers respect component boundaries and organizational permissions automatically.
Pull request triggers enable quality gates and validation workflows. These triggers integrate with CloudBees Unify’s analytics collection, feeding pull request metrics into Flow and DORA dashboards without requiring additional configuration. The platform’s built-in integration eliminates the webhook configuration typically needed with external CI tools.
Schedule triggers support maintenance operations and batch processing using cron syntax. CloudBees Unify manages scheduled execution centrally, providing visibility and coordination across all scheduled workflows in your organization. This centralized approach prevents resource conflicts and enables better capacity planning.
Workflow dispatch triggers provide manual control integrated with CloudBees Unify’s role-based access control system. Manual triggers respect component permissions and organizational boundaries, ensuring that only authorized users can initiate specific workflows. This integration eliminates the need to configure separate authentication for manual workflow execution.
Workflow call triggers enable workflow composition within CloudBees Unify’s security model. Reusable workflows can be shared across components and organizations while maintaining appropriate access control and audit trails. The platform handles inheritance of secrets and variables according to organizational policy automatically.
Job orchestration within CloudBees Unify
Jobs execute within CloudBees Unify’s component-scoped environment, automatically inheriting the platform’s security context and integration capabilities.
When workflows run, CloudBees Unify creates isolated Kubernetes pods for job execution using the platform’s shared infrastructure. This approach provides consistent resource allocation, security isolation, and monitoring across all workflow execution without requiring infrastructure management from development teams.
Jobs automatically connect to CloudBees Unify’s built-in services like security scanning engines, artifact storage, and analytics collection endpoints. These connections eliminate the credential management and service discovery typically required when integrating separate CI/CD tools with security and analytics platforms.
The platform’s job orchestration supports three execution patterns that serve different automation needs.
Standard jobs execute build, test, and deployment steps with automatic integration to platform services. These jobs inherit component-level credentials and permissions, simplifying secure access to external systems without exposing sensitive information in workflow definitions.
Reusable workflow jobs enable modular automation that can be shared across teams while respecting organizational boundaries. CloudBees Unify handles the security and access control implications of workflow sharing automatically, preventing privilege escalation while enabling collaboration.
Custom jobs provide integration points for manual approval processes and external system coordination. These jobs integrate with CloudBees Unify’s notification system and approval workflows, enabling human oversight within automated processes.
Workflow composition across platform functional areas
CloudBees Unify workflows serve as coordination mechanisms between the platform’s different functional areas, enabling cross-functional automation patterns that span security, feature management, and release orchestration.
Workflows can trigger security scans, collect analytics data, coordinate feature flag rollouts, and initiate release processes using the platform’s built-in integration points. This composition capability allows teams to create automation that spans multiple disciplines without managing complex integration logic.
Security integration happens automatically when workflows execute. The platform’s security scanning engines integrate with workflow execution, publishing findings to the security center and updating component security posture without requiring explicit workflow configuration.
Analytics integration occurs transparently as workflows run. CloudBees Unify automatically collects deployment frequency, lead time, and failure recovery metrics from workflow execution, feeding DORA and Flow dashboards without additional instrumentation.
Feature management integration enables workflows to coordinate feature rollouts with deployment activities. Workflows can trigger feature flag updates and coordinate progressive rollout strategies using CloudBees Unify’s feature management capabilities.
Release orchestration integration allows workflows to participate in broader release coordination activities. Workflows can trigger release processes, update release status, and coordinate multi-component deployments through the platform’s release orchestration system.
This integrated approach eliminates the point-to-point integration complexity typically required to coordinate CI/CD pipelines with security, analytics, feature management, and release management tools.
Design considerations for CloudBees Unify workflows
Effective workflow design in CloudBees Unify leverages the platform’s built-in capabilities while respecting organizational boundaries and security models.
Platform-optimized patterns take advantage of CloudBees Unify’s automatic integrations rather than reimplementing functionality that the platform provides. For example, workflows should rely on the platform’s built-in artifact storage and security scanning rather than configuring external alternatives.
Cross-functional collaboration works best when workflows are designed with CloudBees Unify’s organizational model in mind. Workflows that need to span multiple teams should use the platform’s inheritance and sharing mechanisms rather than duplicating automation across components.
Security considerations focus on leveraging CloudBees Unify’s built-in security context rather than managing credentials and access control within workflow definitions. The platform’s component-scoped execution and organizational permissions provide security isolation without requiring explicit workflow configuration.
Performance optimization aligns with CloudBees Unify’s resource allocation and scheduling capabilities. Workflows should be designed to work effectively with the platform’s shared infrastructure rather than assuming dedicated resources or specific timing guarantees.
Understanding these patterns helps teams create workflows that integrate naturally with CloudBees Unify’s unified platform approach while avoiding the integration complexity associated with connecting separate tools.