Week 3 Part II · DevOps

CI/CD, Testing & REST Services

Instructor lesson plan: lecture (2 h) and practice (2 h).

Learning objectives

Build a CI pipeline that lints, tests, builds, and publishes an artifact.
Apply the testing pyramid to a service.
Design, version, and containerise a REST API.
Commit the team to its project use case.

Tools this week

FastAPIPydanticpytestGitHub Actionscontainer registryTerraform (intro)

🎓Lecture · 2 hours

0:00-0:10	10 min	Recap & objectives Retrieval: object versus block storage; what multi-AZ buys. Today: making change safe, and shipping the interface everything else will call.
0:10-0:25	15 min	Motivation: deploys that break on Friday The manual-deploy horror story: works on one machine, fails in production, no one can reproduce either. DORA's evidence in one slide: elite teams deploy more often with fewer failures because of automation, not in spite of it. The feedback-loop argument: small changes, fast verification, cheap rollback.
0:25-0:50	25 min	Continuous integration & the testing pyramid What CI actually is: integrating small changes into a shared mainline continuously, with automated verification at every push. Pipeline anatomy: stages, jobs, artifacts, caches; what runs on every commit versus on merge. The pyramid: many fast unit tests, fewer integration tests, very few end-to-end; why the inverted pyramid (the 'ice-cream cone') fails. Trunk-based development versus long-lived branches: integration pain grows with branch age. Continuous delivery versus continuous deployment; where a human approval belongs.
0:50-1:10	20 min	Infrastructure as code, briefly but properly Declarative versus imperative provisioning; the Terraform model of desired state. Idempotency: applying the same configuration twice converges, never stacks. Environment parity: dev, staging, and production from one definition. Where IaC lives in the project: the infra folder is reviewed like code because it is code.
1:10-1:20	10 min	Break
1:20-1:40	20 min	REST services done properly Resources, verbs, and status codes; idempotent verbs and why retries care. Request/response contracts in JSON; validation at the boundary. Versioning an API (path or header) so consumers survive evolution; deprecation as a managed process. Health and readiness endpoints: what the orchestrator will probe next week.
1:40-1:55	15 min	Live demo (predict, then run) Predict: what happens when a breaking change ships without an API version bump? Then we ship one against a running client and watch it break. Re-ship the same change as v2 alongside v1; the old client survives. The lesson: the contract is the product.
1:55-2:00	5 min	Wrap-up & practice previewPractice builds the project's real service skeleton and the pipeline that guards it.

Common misconception to confront.

Students often think: CI is just running the tests.
Set it straight: CI is the discipline of integrating small changes into a shared mainline continuously, with automated verification. The test run is one stage of that, not the whole idea.

Check for understanding (pose during the concept blocks; let students answer before revealing).

Why are end-to-end tests the thin top of the pyramid, not the base?

They are slow, flaky, and expensive. Most coverage should come from fast unit tests, with fewer integration tests and very few end-to-end.

What does versioning an API buy you?

Consumers keep working when the API evolves: old clients stay on v1 while v2 changes the contract, and deprecation becomes a managed process instead of a breakage.

Key takeaways.

CI integrates small changes continuously; the test run is one stage.
Push coverage down the pyramid: fast unit tests are the base.
An API contract is a promise; version it and guard it with tests.

📚Reading & resources

The DevOps Handbook, the Flow chapters (Part III) Kim, Humble, Debois and Willis; the technical practices of fast flow: CI, small batches, trunk-based work.
Accelerate, ch. 4 The evidence on trunk-based development and continuous delivery.
GitHub Actions documentation The workflow syntax and quickstart; the practice session builds on it.
FastAPI tutorial The official tutorial; first-class request/response contracts with Pydantic.
Terraform: Up and Running, ch. 1 to 2 Brikman; why infrastructure as code, and the Terraform model.

💻Practice · 2 hours

In the practice session the instructor demonstrates the tooling live and teaches the hands-on topics that belong at the keyboard. There are no separate weekly labs: each session closes with the project-integration brief, the increment every team adds to its end-to-end system before next week.

0:00-0:10	10 min	Setup & recap Open the team repositories; confirm the use-case decision is due today. Recap pipeline anatomy and the pyramid.
0:10-0:35	25 min	The project service skeleton Build a FastAPI service with two real endpoints for the chosen use case plus /health. Pydantic models as the request/response contract; validation rejects bad input at the boundary. Wire the service to read configuration from the environment, never from code.
0:35-1:00	25 min	Tests that earn their place Unit tests for the core logic; an integration test that boots the service and exercises an endpoint. Watch the pyramid in miniature: 12 unit, 3 integration, 1 end-to-end. Break the contract on purpose; watch the integration test catch it.
1:00-1:10	10 min	Break
1:10-1:35	25 min	The pipeline that guards the mainline GitHub Actions workflow: lint, test, build, image push to the registry, on every push. Dependency caching and a build matrix; keep the loop under five minutes. Required checks: a failing test now physically blocks the merge.
1:35-1:50	15 min	Students drive Each team lands one endpoint + test + green pipeline through a reviewed pull request. Instructor circulates on pipeline failures.
1:50-2:00	10 min	Project-integration briefThe 'Project integration' card: the service skeleton and its pipeline are this week's increment and the backbone of everything that follows.

Common pitfalls to pre-empt.

Flaky tests erode trust in CI; quarantine and fix them rather than re-running.
A 40-minute pipeline kills the feedback loop; parallelise and cache.

Project integration (this week)

Commit to the project use case (IoT, chatbot, document processing, or approved alternative).
Stand up the project's REST API skeleton: two real endpoints, /health, contract validation, tests.
CI pipeline live: lint, test, build, image push; required checks gate every merge from now on.

Curated references Project brief