Skip to content
SF CTA Study Hub

CI/CD & Deployment Strategy

Continuous Integration and Continuous Deployment (CI/CD) in Salesforce is fundamentally different from traditional software CI/CD. The platform’s metadata-driven architecture, shared sandbox environments, and org-based development model create unique challenges. A CTA must design a deployment strategy that balances automation, safety, and team velocity.

Git Branching Strategies

GitFlow vs Trunk-Based Development

The branching strategy choice depends on team size, release cadence, and Salesforce-specific constraints.

flowchart LR
    subgraph GitFlow
        direction TB
        GF_MAIN[main] --> GF_DEV[develop]
        GF_DEV --> GF_FEAT1[feature/cpq-pricing]
        GF_DEV --> GF_FEAT2[feature/case-routing]
        GF_DEV --> GF_REL[release/2024-Q4]
        GF_REL --> GF_MAIN
        GF_MAIN --> GF_HOT[hotfix/email-bug]
        GF_HOT --> GF_MAIN
    end

    subgraph Trunk-Based
        direction TB
        TB_MAIN[main] --> TB_FEAT1[feature/cpq-pricing]
        TB_MAIN --> TB_FEAT2[feature/case-routing]
        TB_FEAT1 --> TB_MAIN
        TB_FEAT2 --> TB_MAIN
    end
FactorGitFlowTrunk-Based
Release cadenceScheduled releases (monthly, quarterly)Continuous deployment
Team sizeLarge teams (10+)Small to medium teams
Branch lifetimeLong-lived (days to weeks)Short-lived (hours to days)
Merge conflictsHigher risk due to long-lived branchesLower risk with frequent integration
Salesforce fitBetter for change set mentalityBetter for package-based development
ComplexityHigher — more branches to manageLower — fewer branches
Hotfix pathDedicated hotfix branchDirect to main with feature flag

CTA Recommendation

For most enterprise Salesforce teams, a modified GitFlow works best: main (production), develop (integration), and short-lived feature branches. Avoid pure trunk-based unless the team has strong CI/CD automation and high test coverage. The Salesforce metadata model makes merge conflicts more painful than in traditional codebases.

main              ← Reflects production state
├── develop       ← Integration branch, deployed to SIT
│   ├── feature/JIRA-123-cpq-pricing    ← Individual feature work
│   ├── feature/JIRA-456-case-routing   ← Individual feature work
│   └── feature/JIRA-789-lead-scoring   ← Individual feature work
├── release/2024-Q4  ← Release candidate, deployed to UAT/Staging
└── hotfix/JIRA-999-email-fix  ← Emergency production fix

Salesforce DX CLI

The Salesforce CLI (sf / sfdx) is the foundation of modern Salesforce DevOps.

Key CLI Commands for CI/CD

CommandPurposePipeline Stage
sf org create scratchCreate scratch org for testingBuild
sf project deploy startDeploy source to an orgDeploy
sf project retrieve startRetrieve metadata from orgDevelopment
sf apex run testExecute Apex unit testsTest
sf package createCreate an unlocked packagePackage
sf package version createCreate a new package versionPackage
sf package installInstall a package into an orgDeploy
sf org delete scratchClean up scratch orgCleanup

Source vs Metadata Format

  • Source format: Decomposed into individual files (field per file, not all fields in one XML). Better for version control, meaningful diffs.
  • Metadata format: Monolithic XML files (all fields in one CustomObject.object-meta.xml). Legacy format, harder to diff and merge.

Always Use Source Format

All new Salesforce DX projects should use source format. The Salesforce CLI supports both, but source format produces meaningful git diffs and reduces merge conflicts. If inheriting a metadata-format project, invest in converting to source format.

Deployment Mechanism Comparison

Salesforce offers multiple ways to move metadata between orgs. The right choice depends on team maturity, org complexity, and governance needs.

flowchart TD
    subgraph Legacy["Legacy"]
        CS[Change Sets<br/>Manual, no rollback<br/>no version history]
    end

    subgraph Modern["Modern — CLI-Based"]
        CLI[Salesforce CLI<br/>sf project deploy<br/>Source or metadata format]
        PKG[Unlocked Packages<br/>Versioned artifacts<br/>Dependency management]
    end

    subgraph Platform["Platform-Native"]
        DOC[DevOps Center<br/>Click-based + Git<br/>Built-in tracking]
    end

    subgraph ThirdParty["Third-Party Tools"]
        COP[Copado<br/>SF-native DevOps<br/>Compliance tracking]
        GS[Gearset<br/>Smart diff/merge<br/>Comparison tools]
    end

    CS -->|"Migrate to"| CLI
    CS -->|"Migrate to"| DOC
    CLI -->|"Evolve to"| PKG
    DOC -->|"Integrates with"| CLI

    style CS fill:#e76f51,stroke:#c45a3f,color:#fff
    style CLI fill:#2d6a4f,stroke:#1b4332,color:#fff
    style PKG fill:#2d6a4f,stroke:#1b4332,color:#fff
    style DOC fill:#4ecdc4,stroke:#3ab5ad,color:#000
    style COP fill:#f4a261,stroke:#d4823e,color:#000
    style GS fill:#f4a261,stroke:#d4823e,color:#000
MechanismRollbackVersion HistoryAutomationDependency MgmtBest For
Change SetsManual undo onlyNoneNoneNoneSmall admin teams, simple changes
Salesforce CLIRedeploy previousGit historyFull CI/CDManual (package.xml)Dev teams with CI/CD pipelines
Unlocked PackagesInstall prior versionPackage versionsFull CI/CDAutomaticLarge orgs, modular architecture
DevOps CenterVia Git historyGit + UI trackingPartialManualMixed admin/dev teams
Copado / GearsetTool-managedFull audit trailFull CI/CDTool-managedEnterprise compliance needs

DevOps Center

DevOps Center is Salesforce’s platform-native approach to change management. It provides a UI layer over Git-based source control, making it accessible to admins who are not comfortable with CLI tools. It supports both declarative and programmatic developers working together on the same project. However, it does not replace the need for a full CI/CD pipeline for complex enterprise implementations.

Change Sets: When They Are Still OK

Change sets are the legacy deployment mechanism. In a CTA scenario, you may encounter orgs still using them.

When Change Sets Are Acceptable

  • Very small teams (1-2 admins) with simple release processes
  • Admin-only changes (page layouts, validation rules, simple flows)
  • One-time migrations or configuration changes
  • Orgs without source control (though this itself is a problem to fix)

When to Move Beyond Change Sets

Change Set LimitationWhy It Matters
No rollback capabilityCannot undo a deployment without manual effort
No version historyCannot track what was deployed when
Manual component selectionHuman error in selecting components
No dependency validationMissing components cause deployment failures
No automated testingTests run only if manually included
One-directional (no retrieve)Cannot pull changes back to source control
No diff/comparisonCannot review what changed before deploying

CTA Exam Context

If the scenario mentions change sets, the review board may be testing whether you recommend modernizing to CLI/package-based deployment. Acknowledge the current state, explain the risks, and propose a migration path to modern DevOps — but do not propose ripping out change sets overnight.

Unlocked Packages

Unlocked packages are Salesforce’s recommended approach for organizing and deploying metadata in large-scale implementations.

Package Types

Package TypeUse CaseNamespaceUpgradable
Unlocked (no namespace)Internal org developmentNoYes
Unlocked (with namespace)Shared across orgsYesYes
ManagedISV distribution (AppExchange)Yes (permanent)Yes

Benefits of Unlocked Packages

  • Dependency management: Packages declare dependencies on other packages
  • Versioning: Each package version is a deployable artifact
  • Rollback: Install a previous version to rollback
  • Modular architecture: Organize org metadata into logical packages
  • CI/CD friendly: Package creation can be automated in pipelines

Package Architecture Example

flowchart TD
    subgraph Core["Core Package (Base)"]
        A[Custom Objects]
        B[Custom Fields]
        C[Permission Sets]
    end

    subgraph Sales["Sales Package"]
        D[Sales Flows]
        E[Sales LWC]
        F[Sales Apex]
    end

    subgraph Service["Service Package"]
        G[Service Flows]
        H[Service LWC]
        I[Service Apex]
    end

    subgraph Integration["Integration Package"]
        J[Named Credentials]
        K[External Services]
        L[Integration Apex]
    end

    Sales --> Core
    Service --> Core
    Integration --> Core

    style Core fill:#1a535c,stroke:#0d3b44,color:#fff
    style Sales fill:#2d6a4f,stroke:#1b4332,color:#fff
    style Service fill:#4ecdc4,stroke:#3ab5ad,color:#000
    style Integration fill:#f4a261,stroke:#d4823e,color:#000

Package Dependency Graph and Versioning

In enterprise implementations, packages form a dependency graph. Changes must respect the dependency order — base packages are built and promoted first, then dependent packages.

flowchart TD
    subgraph Versions["Package Versions (Install Order)"]
        direction TB
        CORE_V["core-package<br/>v2.5.0 (promoted)"]
        SALES_V["sales-package<br/>v1.8.0 (promoted)<br/>depends: core >= 2.4"]
        SVC_V["service-package<br/>v1.3.0 (promoted)<br/>depends: core >= 2.5"]
        INT_V["integration-package<br/>v1.1.0 (promoted)<br/>depends: core >= 2.3"]
        ANALYTICS_V["analytics-package<br/>v0.9.0 (beta)<br/>depends: core >= 2.5<br/>+ sales >= 1.7"]
    end

    CORE_V --> SALES_V
    CORE_V --> SVC_V
    CORE_V --> INT_V
    CORE_V --> ANALYTICS_V
    SALES_V --> ANALYTICS_V

    subgraph Pipeline["CI/CD Build Order"]
        direction LR
        B1[1. Build Core] --> B2[2. Build Integration]
        B2 --> B3[3. Build Sales]
        B3 --> B4[4. Build Service]
        B4 --> B5[5. Build Analytics]
    end

    style CORE_V fill:#1a535c,stroke:#0d3b44,color:#fff
    style SALES_V fill:#2d6a4f,stroke:#1b4332,color:#fff
    style SVC_V fill:#4ecdc4,stroke:#3ab5ad,color:#000
    style INT_V fill:#f4a261,stroke:#d4823e,color:#000
    style ANALYTICS_V fill:#e76f51,stroke:#c45a3f,color:#fff

Package versioning follows semantic versioning (Major.Minor.Patch.Build):

Version PartWhen to IncrementExample
MajorBreaking changes, removed components1.0 to 2.0
MinorNew features, non-breaking additions2.0 to 2.1
PatchBug fixes, minor improvements2.1.0 to 2.1.1
BuildAuto-incremented by Salesforce2.1.1.1 to 2.1.1.2

Package Promotion

Only promoted package versions can be installed in production. A promoted version is immutable — you cannot modify it. Always validate a package version in a staging sandbox before promoting it. Rolling back requires installing the previous promoted version, which may fail if the new version added required components.

CI/CD Tools Comparison

Salesforce-Specific CI/CD Tools

ToolTypeStrengthsConsiderations
GitHub ActionsGeneral CI/CDFree for public repos, flexible, strong communityRequires custom SF workflow setup
CopadoSF-native DevOpsBuilt for Salesforce, user stories, complianceLicense cost, vendor dependency
GearsetSF DevOpsExcellent diff/merge, comparison toolsLicense cost, external dependency
FlosumSF-native DevOpsNative on platform, no external toolLimited CI/CD pipeline features
AutoRABITSF DevOpsFull DevOps suite, backup/restoreComplex setup, learning curve
Azure DevOpsGeneral CI/CDEnterprise integration, boards/reposRequires custom SF pipeline
GitLab CIGeneral CI/CDIntegrated repo + CI/CD, self-hosted optionRequires custom SF pipeline

CI/CD Pipeline Architecture

flowchart LR
    A[Developer<br/>Commits Code] --> B[Git Repository<br/>Feature Branch]
    B --> C{Pull Request<br/>Created}
    C --> D[Automated Checks]

    subgraph Pipeline["CI/CD Pipeline"]
        D --> E[Create Scratch Org]
        E --> F[Deploy Source]
        F --> G[Run Apex Tests]
        G --> H[Run LWC Tests]
        H --> I[Static Analysis<br/>PMD/ESLint]
        I --> J{All Checks<br/>Pass?}
    end

    J -->|No| K[Notify Developer<br/>Fix Issues]
    J -->|Yes| L[Code Review<br/>Approved]
    L --> M[Merge to Develop]
    M --> N[Deploy to SIT]
    N --> O[Integration Tests]
    O --> P[Deploy to UAT]
    P --> Q[UAT Sign-off]
    Q --> R[Deploy to Staging]
    R --> S[Smoke Tests]
    S --> T[Deploy to Production]

    K --> A

    style A fill:#2d6a4f,stroke:#1b4332,color:#fff
    style T fill:#e76f51,stroke:#c45a3f,color:#fff
    style J fill:#f4a261,stroke:#d4823e,color:#000

Deployment Strategies

Big Bang vs Phased Deployment

StrategyWhen to UseRisk Level
Big BangSmall changes, low riskLow-Medium
Phased by FeatureMultiple features, independentMedium
Phased by User GroupPilot → rolloutLow
Blue-GreenZero downtime requiredMedium (complex setup)

Destructive Changes

Destructive changes (deleting metadata) require special handling in Salesforce:

  • Destructive changes manifest: XML file listing components to delete
  • Pre-destructive vs post-destructive: Pre runs before deployment, post runs after
  • Cannot delete: Components referenced by other deployed components
  • Package versions: Deleting components from a package version is not straightforward

Destructive Change Risks

Destructive changes cannot be easily rolled back. Always deploy destructive changes to a sandbox first. Document every destructive change with a business justification. Include destructive changes in code review — they are often more dangerous than additions.

Feature Flags

Feature flags allow deploying code to production without activating it for users:

Implementation options:

  • Custom Metadata Type: Store feature flags as metadata records (deployable, no DML needed to check)
  • Custom Settings: Hierarchy-based, per-user or per-profile (DML to change, quick to toggle)
  • Custom Permissions: Assign via Permission Set (user-level control)

Use cases:

  • Deploy integration code before the external system is ready
  • Gradual rollout to user groups
  • Kill switch for problematic features
  • A/B testing of automation behavior
flowchart TD
    A[Feature Code Deployed] --> B{Feature Flag<br/>Enabled?}
    B -->|Yes| C[Execute New Logic]
    B -->|No| D[Execute Legacy Logic]
    C --> E[Monitor Performance]
    E --> F{Issues Detected?}
    F -->|Yes| G[Disable Feature Flag]
    G --> D
    F -->|No| H[Full Rollout]
    H --> I[Remove Feature Flag<br/>and Legacy Code]

    style G fill:#e76f51,stroke:#c45a3f,color:#fff
    style H fill:#2d6a4f,stroke:#1b4332,color:#fff

Deployment Checklist

Pre-Deployment

  • All tests pass in the source environment
  • Code review completed and approved
  • Deployment validated (check-only deployment) in target
  • Destructive changes documented and reviewed
  • Rollback plan documented
  • Communication sent to affected users
  • Deployment window confirmed (off-peak hours for production)

Post-Deployment

  • Smoke tests executed in target environment
  • Integration endpoints verified
  • Permission assignments confirmed
  • Monitoring dashboards checked
  • User communication sent (release notes)
  • Deployment logged in release management tracker

Sources