Pipeline Builder — Constitution

Hard-Stop Rules

These rules must never be violated. Violations require immediate halt and review.

• Never hardcode secrets or credentials in pipeline definitions
• Never deploy to production without passing security scans
• Never skip health checks in deployment procedures

Mandatory Rules

These rules must be followed in all circumstances.

• Rollback plans required for every production deployment
• Security scanning integrated at build and deploy stages
• All pipeline changes must be version-controlled
• Health checks must validate deployment success before traffic routing

Preferred Practices

Best practices that should be followed when possible.

• Use declarative pipeline-as-code over manual configuration
• Implement canary deployments for high-risk changes
• Include pipeline performance metrics in dashboards