Skip to content
theCodeFlash

CI/CD & Deployment Strategy

CI/CD in Salesforce differs significantly from traditional software CI/CD. The platform’s metadata-driven architecture, shared sandbox environments, and org-based development model create unique challenges. The deployment strategy must balance automation, safety, and team velocity.

Foundational Context

For foundational CI/CD and version control concepts (Git branching, basic pipeline stages, introduction to continuous integration), see Git and GitHub for Administrators (Trailhead) and Continuous Integration (Trailhead). This page covers architect-level decisions: which branching strategy fits Salesforce metadata constraints, when to choose packages over CLI deploys, and how to design deployment pipelines for enterprise-scale orgs.

Git Branching Strategies

GitFlow vs Trunk-Based Development

The right branching strategy depends on team size, release cadence, and Salesforce-specific constraints.

GitFlow uses long-lived develop and release branches; trunk-based keeps all features in short-lived branches off main.
Figure 1. GitFlow’s develop and release branches suit scheduled Salesforce releases where multiple features must be staged together. Trunk-based development cuts merge conflict risk but demands mature CI/CD automation and feature flags to keep main deployable at all times.
FactorGitFlowTrunk-Based
Release cadenceScheduled releases (monthly, quarterly)Continuous deployment
Team sizeLarge teams (10+)Small to medium teams
Branch lifetimeLong-lived (days to weeks)Short-lived (hours to days)
Merge conflictsHigher risk due to long-lived branchesLower risk with frequent integration
Salesforce fitBetter for change set mentalityBetter for package-based development
ComplexityHigher, more branches to manageLower, fewer branches
Hotfix pathDedicated hotfix branchDirect to main with feature flag

CTA Recommendation

For most enterprise Salesforce teams, a modified GitFlow works best: main (production), develop (integration), and short-lived feature branches. Avoid pure trunk-based unless the team has strong CI/CD automation and high test coverage. Salesforce metadata makes merge conflicts more painful than in traditional codebases.

main              ← Reflects production state
├── develop       ← Integration branch, deployed to SIT
│   ├── feature/JIRA-123-cpq-pricing    ← Individual feature work
│   ├── feature/JIRA-456-case-routing   ← Individual feature work
│   └── feature/JIRA-789-lead-scoring   ← Individual feature work
├── release/2024-Q4  ← Release candidate, deployed to UAT/Staging
└── hotfix/JIRA-999-email-fix  ← Emergency production fix

Salesforce DX CLI

The Salesforce CLI (sf) is the foundation of modern Salesforce DevOps.

sfdx is deprecated - use sf (v2)

The sfdx CLI (v7) was deprecated in July 2023. Salesforce no longer publishes updates to it (except security fixes). All new features and plugin updates are exclusive to sf (v2). The sfdx-style commands still execute in sf but are deprecated; reference documentation was removed in June 2024.

Key command migrations for CI/CD scripts:

sfdx (deprecated)sf (current)
sfdx force:source:pushsf project deploy start
sfdx force:source:pullsf project retrieve start
sfdx force:org:create --type scratchsf org create scratch
sfdx force:org:create --type sandboxsf org create sandbox
sfdx force:apex:test:runsf apex run test
sfdx force:package:createsf package create
sfdx force:package:version:createsf package version create
sfdx force:package:installsf package install

Migration path: Uninstall sfdx (v7), install sf (v2). Existing sfdx-style commands continue to work as aliases during transition, but update CI/CD pipeline scripts to sf-style commands to avoid future breakage. See Move from sfdx (v7) to sf (v2).

Key CLI Commands for CI/CD

CommandPurposePipeline Stage
sf org create scratchCreate scratch org for testingBuild
sf project deploy startDeploy source to an orgDeploy
sf project retrieve startRetrieve metadata from orgDevelopment
sf apex run testExecute Apex unit testsTest
sf package createCreate an unlocked packagePackage
sf package version createCreate a new package versionPackage
sf package installInstall a package into an orgDeploy
sf org delete scratchClean up scratch orgCleanup

Source vs Metadata Format

  • Source format: Decomposed into individual files (field per file, not all fields in one XML). Produces meaningful diffs and reduces merge conflicts.
  • Metadata format: Monolithic XML files (all fields in one CustomObject.object-meta.xml). Legacy format, harder to diff and merge.

Always Use Source Format

All new Salesforce DX projects should use source format. The Salesforce CLI supports both, but source format produces meaningful git diffs and reduces merge conflicts. If inheriting a metadata-format project, invest in converting to source format.

Deployment Mechanism Comparison

Salesforce provides multiple ways to move metadata between orgs. The right choice depends on team maturity, org complexity, and governance needs.

Change sets sit at the legacy end; unlocked packages and third-party tools represent the modern end of the deployment spectrum.
Figure 2. The migration path from change sets to CLI to unlocked packages is incremental, not a single cutover. DevOps Center provides a GUI on-ramp for admin-heavy teams, while Copado and Gearset add compliance audit trails for enterprise governance requirements.
MechanismRollbackVersion HistoryAutomationDependency MgmtBest For
Change SetsManual undo onlyNoneNoneNoneSmall admin teams, simple changes
Salesforce CLIRedeploy previousGit historyFull CI/CDManual (package.xml)Dev teams with CI/CD pipelines
Unlocked PackagesInstall prior versionPackage versionsFull CI/CDAutomaticLarge orgs, modular architecture
DevOps CenterVia Git historyGit + UI trackingPartialManualMixed admin/dev teams
Copado / GearsetTool-managedFull audit trailFull CI/CDTool-managedEnterprise compliance needs

DevOps Center and DevOps Testing

DevOps Center is Salesforce’s platform-native approach to change management. It provides a UI layer over Git-based source control. DevOps Testing (GA) extends it with automated quality gates.

DevOps Center Core Capabilities

  • Change tracking: Track work items from development through deployment in a centralized UI
  • Git integration: Built-in source control. Admins and developers see the same change history without learning Git CLI
  • Pipeline management: Promote changes across environments (dev to staging to production) with clicks
  • Conflict detection: Flags conflicting metadata changes across team members before promotion
  • Mixed-team support: Declarative (admin) and programmatic (developer) changes managed in one workflow

DevOps Testing (GA)

DevOps Testing unifies Salesforce and partner testing tools into a single quality-gate framework:

CapabilityWhat It ProvidesStatus
Test strategy definitionsDefine which tests run at each pipeline stageGA
Automated quality gatesBlock promotions that fail test thresholdsGA
Code Analyzer v5Static code analysis integrated into quality gatesGA
Scale TestPerformance and scale testing for deployment validationGA
Partner integrationsACCELQ, Copado, Panaya, Provar, Quality Clouds, TricentisGA
Apex Unit TestsUnified Apex test results in the DevOps Testing dashboardComing soon
Flow TestsFlow test results integrated into quality gatesComing soon
Agentforce Testing CenterTest Agentforce agents with synthetic data before deploymentComing soon

Agentforce Testing Center

Agentforce (formerly Einstein Copilot) Testing Center provides lifecycle management tooling for testing autonomous AI agents at scale. Teams evaluate agent responses and actions using synthetically generated data, with monitoring of usage and feedback. As Agentforce agents become more common in CTA scenarios, testing them before deployment is an architectural requirement, not optional.

DevOps Center vs Third-Party Tools

FactorDevOps CenterCopadoGearset
CostIncluded with SalesforceLicensed ($$-$$$)Licensed ($$)
Setup complexityLow (native UI)High (full ALM configuration)Low-moderate
Git managementBuilt-in, UI-basedFull Git integrationFull Git integration
Metadata dependency detectionBasicManual dependency managementAutomatic dependency detection
Compliance / audit trailsBasicStrong (built-in compliance tracking)Moderate
Advanced pipeline featuresLimited (linear promotion)Full (parallel pipelines, branching strategies)Full (flexible pipelines)
RollbackVia Git historyTool-managedTool-managed with comparison
Best forTeams moving off change sets; mixed admin/dev teamsLarge enterprises with strict compliance (finance, healthcare)Mid-size teams prioritizing fast setup and smart diffing

CTA Exam Relevance

When the scenario describes a team transitioning from change sets, DevOps Center is the lowest-friction first step. It introduces Git-based source control without requiring CLI skills. Recommend third-party tools (Copado, Gearset) when the scenario calls for advanced pipeline orchestration, compliance audit trails, or automatic metadata dependency resolution at enterprise scale. DevOps Center does not replace full CI/CD in complex implementations.

Change Sets: When They Are Still OK

Change sets are the legacy deployment mechanism. CTA scenarios may describe orgs still relying on them.

When Change Sets Are Acceptable

  • Very small teams (1-2 admins) with simple release processes
  • Admin-only changes (page layouts, validation rules, simple flows)
  • One-time migrations or configuration changes
  • Orgs without source control (though this itself is a problem to fix)

When to Move Beyond Change Sets

Change Set LimitationWhy It Matters
No rollback capabilityCannot undo a deployment without manual effort
No version historyCannot track what was deployed when
Manual component selectionHuman error in selecting components
No dependency validationMissing components cause deployment failures
No automated testingTests run only if manually included
One-directional (no retrieve)Cannot pull changes back to source control
No diff/comparisonCannot review what changed before deploying

CTA Exam Context

If the scenario mentions change sets, the review board may be testing whether you recommend modernizing to CLI/package-based deployment. Acknowledge the current state, explain the risks, and propose a migration path. Do not propose ripping out change sets overnight.

Unlocked Packages

Unlocked packages are Salesforce’s recommended approach for organizing and deploying metadata in large implementations.

Package Types

Package TypeUse CaseNamespaceUpgradable
Unlocked (no namespace)Internal org developmentNoYes
Unlocked (with namespace)Shared across orgsYesYes
ManagedISV distribution (AppExchange)Yes (permanent)Yes

Benefits of Unlocked Packages

  • Dependency management: Packages declare dependencies on other packages
  • Versioning: Each package version is a deployable artifact
  • Rollback: Install a previous version to rollback
  • Modular architecture: Organize org metadata into logical packages
  • CI/CD friendly: Package creation can be automated in pipelines

Package Architecture Example

Sales, Service, and Integration packages each depend on a shared Core package containing objects, fields, and permission sets.
Figure 3. Organizing metadata into domain packages with a shared Core dependency lets teams deploy Sales and Service changes independently without touching shared data model components. The Core package becomes the contract all other packages depend on.

Package Dependency Graph and Versioning

In enterprise implementations, packages form a dependency graph. Changes must respect the dependency order: base packages are built and promoted first, then dependent packages.

Core is built first; dependent packages build in dependency order, with Analytics requiring both Core and Sales versions.
Figure 4. The CI/CD build order must respect the dependency graph: Core is always built and promoted first. A package version pinning a minimum Core version means any Core patch below that floor will block installation of dependent packages in production.

Package versioning follows semantic versioning (Major.Minor.Patch.Build):

Version PartWhen to IncrementExample
MajorBreaking changes, removed components1.0 to 2.0
MinorNew features, non-breaking additions2.0 to 2.1
PatchBug fixes, minor improvements2.1.0 to 2.1.1
BuildAuto-incremented by Salesforce2.1.1.1 to 2.1.1.2

Package Promotion

Only promoted package versions can be installed in production. A promoted version is immutable; it cannot be modified. Always validate a package version in a staging sandbox before promoting it. Rolling back requires installing the previous promoted version, which may fail if the new version added required components.

CI/CD Tools Comparison

Salesforce-Specific CI/CD Tools

ToolTypeStrengthsConsiderations
GitHub ActionsGeneral CI/CDFree for public repos, flexible, strong communityRequires custom SF workflow setup
CopadoSF-native DevOpsBuilt for Salesforce, user stories, complianceLicense cost, vendor dependency
GearsetSF DevOpsExcellent diff/merge, comparison toolsLicense cost, external dependency
FlosumSF-native DevOpsNative on platform, no external toolLimited CI/CD pipeline features
AutoRABITSF DevOpsFull DevOps suite, backup/restoreComplex setup, learning curve
Azure DevOpsGeneral CI/CDEnterprise integration, boards/reposRequires custom SF pipeline
GitLab CIGeneral CI/CDIntegrated repo + CI/CD, self-hosted optionRequires custom SF pipeline

CI/CD Pipeline Architecture

Pull requests trigger scratch org creation, Apex and LWC tests, and static analysis before gating merge and environment promotion.
Figure 5. Each environment gate (SIT integration tests, UAT sign-off, staging smoke tests) catches a different failure class. Collapsing these gates to speed delivery transfers that risk directly to production.

Deployment Strategies

Big Bang vs Phased Deployment

StrategyWhen to UseRisk Level
Big BangSmall changes, low riskLow-Medium
Phased by FeatureMultiple features, independentMedium
Phased by User GroupPilot → rolloutLow
Blue-GreenZero downtime requiredMedium (complex setup)

Destructive Changes

Deleting metadata requires special handling in Salesforce:

  • Destructive changes manifest: XML file listing components to delete
  • Pre-destructive vs post-destructive: Pre runs before deployment, post runs after
  • Cannot delete components referenced by other deployed components
  • Package versions: Removing components from a package version is not straightforward

Destructive Change Risks

Destructive changes cannot be easily rolled back. Always deploy them to a sandbox first. Document every destructive change with a business justification. Include destructive changes in code review; they are often more dangerous than additions.

Feature Flags

Feature flags allow code to reach production without activating it for users:

Implementation options:

  • Custom Metadata Type: Store feature flags as metadata records (deployable, no DML needed to check)
  • Custom Settings: Hierarchy-based, per-user or per-profile (DML to change, quick to toggle)
  • Custom Permissions: Assign via Permission Set (user-level control)

Use cases:

  • Deploy integration code before the external system is ready
  • Gradual rollout to user groups
  • Kill switch for problematic features
  • A/B testing of automation behavior
Deployed code runs legacy logic until the flag is enabled; detected issues revert to legacy by toggling the flag off without redeployment.
Figure 6. Feature flags decouple deployment from release. Code reaches production inactive, then activates per user group or percentage. Disabling the flag is a seconds-long rollback that requires no redeployment and no CAB emergency approval.

Deployment Checklist

Pre-Deployment

  • All tests pass in the source environment
  • Code review completed and approved
  • Deployment validated (check-only deployment) in target
  • Destructive changes documented and reviewed
  • Rollback plan documented
  • Communication sent to affected users
  • Deployment window confirmed (off-peak hours for production)

Post-Deployment

  • Smoke tests executed in target environment
  • Integration endpoints verified
  • Permission assignments confirmed
  • Monitoring dashboards checked
  • User communication sent (release notes)
  • Deployment logged in release management tracker

Sources

Personal study notes for the Salesforce CTA exam. Content compiled from VJ's study notes, official Salesforce documentation, community sources, and online publicly available content, then organized and presented with AI assistance. Not affiliated with Salesforce. © 2025–2026 VJ Srivastava.