Highlights
- Why ML CI/CD needs a third letter, CT (continuous training), and how it differs from application CI/CD
- The anatomy of an ML pipeline: continuous integration, continuous delivery, continuous training, and the monitoring loop
- Eight best practices that separate teams who ship reliably from teams who ship Friday surprises
- The 2026 toolchain compared: GitHub Actions, CML, DVC, MLflow, Kubeflow Pipelines, Argo Workflows, Prefect
- A quality gate that blocks a worse model from ever reaching production
- A minimal, copy-pasteable GitHub Actions pipeline that validates data, trains, gates on a metric, and reports results in the pull request
- Deployment strategies (canary, shadow, blue-green) and how to roll a model back
On Friday afternoon a data scientist pushes a "small improvement" to the recommender, kicks off training, glances at the accuracy in the notebook, and merges. The model ships. By Monday, conversion is down four percent and nobody can say which of the last six merges caused it, because not one of them recorded the data it trained on or the metric it actually hit. The rollback plan is a Slack message that says "can someone find last week's model?"
That is what shipping machine learning without CI/CD looks like, and it is expensive. Gartner predicts that, through 2026, organizations will abandon 60% of AI projects that are not supported by AI-ready data (data that is continuously quality-checked, governed, and pipeline-fed), and the MLOps market has grown to $4.39 billion in 2026 (Fortune Business Insights) largely to close that gap. The cure is not heroics or a war room. It is a pipeline that tests data and models the way software CI/CD tests code, retrains on a trigger instead of a hunch, and flatly refuses to deploy a model that fails a quality gate. This guide covers the practices and the 2026 toolchain that make that real, then walks you through a minimal pipeline you can copy into a repository today.
Why CI/CD for ML Is Not Just CI/CD
In normal software, CI/CD is well understood. Continuous integration runs your tests on every commit; continuous delivery ships the build that passes. The artifact is code, the tests are deterministic, and a green pipeline means the thing you ship behaves exactly as the thing you tested.
Machine learning breaks all three assumptions. The artifact is not just code; it is code plus the data it learned from plus the trained model that resulted. The tests are not deterministic; "is this model good?" is a statistical question with a threshold, not a true-or-false assertion. And a green unit-test suite tells you the code runs, not that the model is any good. You can ship a model that passes every test and quietly makes worse predictions than the one it replaced.
That is why ML adds a third pillar: continuous training (CT). Alongside integrating code and delivering releases, the pipeline retrains the model when the code changes, when fresh data lands, or when monitoring detects drift. The most dangerous failure mode in production ML is not a crash. It is a model that keeps returning 200 OK while its predictions slowly rot as the world shifts away from its training data. CI/CD for ML exists to catch that before users do, and to make every model traceable back to the exact code, data, and metrics that produced it.
The Anatomy of an ML CI/CD Pipeline
A mature ML pipeline has four phases that loop:
- Continuous integration: on every pull request, lint and unit-test the code, then validate the data (schema, missing values, ranges, distribution) and the feature transformations. This is where ML CI earns its keep, because most production incidents trace back to data, not code.
- Continuous training: train the model on a versioned dataset, evaluate it on a held-out set, and gate on the metrics. If accuracy, F1, or a fairness check falls below threshold, the pipeline fails and nothing ships.
- Continuous delivery: register the trained model in a registry, promote it through stages, and deploy it with a safe strategy (canary, shadow, or blue-green) behind a one-command rollback.
- Monitoring and feedback: watch live predictions for drift and performance decay; when they degrade, trigger a retrain. The loop closes.
The difference from traditional CI/CD is easiest to see side by side.
Eight CI/CD Best Practices for Machine Learning
These are the practices that move a team from "it worked in the notebook" to "we ship models we can trust and reverse."
1. Version code, data, and models together
A model is only reproducible if you can recover all three inputs that made it. Git versions the code. DVC versions the data and the pipeline alongside the same commit, so git checkout brings back the exact dataset. MLflow versions the run and the resulting model in a registry. The goal: any production prediction can be traced to a commit, a dataset hash, and a model version.
2. Test data and features, not just code
Most ML incidents are data incidents. Add tests that run in CI and fail the build on a bad dataset: schema checks (the columns you expect, the types you expect), missing-value and range checks, and distribution checks against a reference. A unit test proves your transformation function runs; a data test proves the data it ran on is sane.
3. Make model quality a deploy gate
This is the single most important practice and the one teams skip. After training, evaluate on a held-out set and compare the metric to a threshold. If it falls short, exit non-zero and block the merge. A pipeline that trains but does not gate will happily ship a model two points worse than the one in production, and no human will notice until the business does.
4. Pin and containerize the environment
"Works on my machine" ends careers in ML, where a different numpy or scikit-learn version can change predictions or refuse to load a pickled model. Pin every dependency, build a container image for training and serving, and use the same image in CI and production so the model that passed the gate is the model that runs.
5. Automate retraining (continuous training)
Models decay. A fraud model trained on 2024 patterns performs poorly against 2026 tactics. Decide your retraining trigger up front: a schedule (banks often retrain fraud models weekly), a data-volume threshold, or a drift alert from monitoring. Then make retraining a pipeline run, not a person remembering to do it.
6. Promote in a model registry, separate from deployment
Training a good model and deploying it are two decisions, and conflating them is how bad models reach users. Register every candidate, then promote by alias (for example staging then production) in the registry. Deployment reads the alias. This gives you an auditable promotion trail and a one-line rollback: point the alias back at the previous version.
7. Ship with canary, shadow, or blue-green, and keep rollback one command away
Never flip 100% of traffic to a new model. Shadow deployment runs the new model alongside the old one on real traffic without serving its predictions, so you can compare. Canary sends a small slice of traffic first. Blue-green keeps two environments and switches only when the new one is proven. All three give you a fast, boring rollback.
8. Monitor in production and close the loop
The pipeline does not end at deploy. Track prediction distributions, input drift, and (when labels arrive) live accuracy with a tool like Evidently. Feed those signals back as a retraining trigger. Without this loop, continuous training has nothing to react to and the model decays in the dark.
Want to learn MLOps by doing, not just reading?
Our 100 Days of MLOps challenge on KodeKloud Engineer walks you through real production scenarios, one hands-on lab at a time. You'll touch MLflow, Kubeflow, model deployment, monitoring, and the same workflows companies actually run in 2026.
Start the Challenge →The 2026 CI/CD for ML Toolchain
You do not need all of these. You need a CI runner, a way to version data and models, and an orchestrator if your pipelines outgrow a single CI job. Here is how the common 2026 tools map to the job they do.
- GitHub Actions / GitLab CI are the CI runners most teams already have. They are perfectly capable of running an ML pipeline for small and mid-size projects, no extra orchestrator required.
- CML (Continuous Machine Learning) from Iterative makes a generic CI runner ML-aware: it posts metrics, plots, and model comparisons straight into the pull request as a comment, and can spin up cloud GPU runners for training. On newer runners, use its Docker image (
ghcr.io/iterative/cml) rather than thesetup-cmlaction, which currently fails building a native dependency. - DVC versions data and defines reproducible pipeline stages (
dvc repro) tied to Git. - MLflow tracks experiments and provides the model registry where promotion happens.
- Kubeflow Pipelines and Argo Workflows are for Kubernetes-native orchestration once your DAGs are too big for a CI job. Kubeflow Pipelines runs on Argo under the hood.
- Prefect is a Python-native orchestrator popular with teams who want Airflow-style scheduling without the operational pain.
Build a Minimal ML CI/CD Pipeline (GitHub Actions)
Enough theory. Here is a pipeline you can drop into any GitHub repo that runs on every pull request: it validates the data, trains a model, gates on accuracy, and posts the metrics back to the PR. It is deliberately framework-light (scikit-learn) so the shape is clear, but the structure is the same for PyTorch or an LLM fine-tune.
Project layout:
ml-cicd/
├── train.py # trains, writes model.joblib + metrics.json
├── evaluate.py # the quality gate (exits non-zero if below threshold)
├── requirements.txt
├── tests/
│ ├── test_data.py # data validation
│ └── test_model.py # behavioral test on the trained model
└── .github/workflows/
└── mlops.yml # the pipeline# requirements.txt
scikit-learn==1.6.*
pandas==2.*
joblib==1.4.*
pytest==8.*Stage 1 - Validate Data on Every Pull Request
Before you train anything, prove the data is sane. These tests catch the schema change or the column of nulls that would otherwise produce a confidently wrong model.
# tests/test_data.py
from sklearn.datasets import load_iris
EXPECTED = [
"sepal length (cm)", "sepal width (cm)",
"petal length (cm)", "petal width (cm)",
]
def test_schema():
X, _ = load_iris(return_X_y=True, as_frame=True)
assert list(X.columns) == EXPECTED
def test_no_missing_values():
X, _ = load_iris(return_X_y=True, as_frame=True)
assert X.isnull().sum().sum() == 0
def test_feature_ranges():
X, _ = load_iris(return_X_y=True, as_frame=True)
assert (X >= 0).all().all() and (X <= 10).all().all()Stage 2 - Train and Gate on a Metric Threshold
train.py trains the model and writes its metrics to a file. evaluate.py reads that file and is the gate: if accuracy is below the threshold, it exits non-zero, which fails the CI job and blocks the merge.
# train.py
import json, joblib
from sklearn.datasets import load_iris
from sklearn.ensemble import RandomForestClassifier
from sklearn.model_selection import train_test_split
from sklearn.metrics import accuracy_score, f1_score
X, y = load_iris(return_X_y=True, as_frame=True)
Xtr, Xte, ytr, yte = train_test_split(X, y, test_size=0.2, random_state=42, stratify=y)
model = RandomForestClassifier(n_estimators=200, random_state=42).fit(Xtr, ytr)
pred = model.predict(Xte)
metrics = {
"accuracy": round(float(accuracy_score(yte, pred)), 4),
"f1_macro": round(float(f1_score(yte, pred, average="macro")), 4),
}
joblib.dump(model, "model.joblib")
with open("metrics.json", "w") as f:
json.dump(metrics, f, indent=2)
print("metrics:", metrics)# evaluate.py
import json, sys
THRESHOLD = 0.85
metrics = json.load(open("metrics.json"))
acc = metrics["accuracy"]
print(f"accuracy={acc} threshold={THRESHOLD}")
if acc < THRESHOLD:
print(f"::error::accuracy {acc} is below threshold {THRESHOLD}; blocking deploy")
sys.exit(1)
print("quality gate passed")The behavioral test confirms the trained model classifies known inputs correctly:
# tests/test_model.py
import joblib
def test_known_setosa():
model = joblib.load("model.joblib")
assert int(model.predict([[5.1, 3.5, 1.4, 0.2]])[0]) == 0Stage 3 - Wire It Into GitHub Actions (and Report Metrics on the PR)
The workflow runs the stages in order on every pull request and push to main. On pull requests it also posts the model's metrics as a comment, so reviewers see the numbers without digging through logs. The comment uses the built-in actions/github-script (no extra install), and the workflow grants itself pull-requests: write so it has permission to post.
# .github/workflows/mlops.yml
name: mlops-ci
on:
pull_request:
push:
branches: [main]
permissions:
contents: read
pull-requests: write # needed to post the metrics comment
jobs:
train-and-validate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.12"
- run: pip install -r requirements.txt
- name: Validate data
run: pytest -q tests/test_data.py
- name: Train
run: python train.py
- name: Quality gate
run: python evaluate.py # fails the job if accuracy < threshold
- name: Behavioral tests
run: pytest -q tests/test_model.py
- name: Comment metrics on the PR
if: github.event_name == 'pull_request'
uses: actions/github-script@v7
with:
script: |
const fs = require('fs');
const metrics = fs.readFileSync('metrics.json', 'utf8');
const body = `## Model metrics\n\`\`\`json\n${metrics}\n\`\`\``;
await github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.issue.number,
body,
});Why not the CML action here? iterative/setup-cml@v2 installs CML from npm, which currently fails to build a native dependency on the latest ubuntu-latest runner. CML is still excellent for richer reports (metric tables, plots, model diffs); if you want it, run it through its Docker image (ghcr.io/iterative/cml) rather than the setup action. For a plain metrics comment, github-script has zero install and always works.
Because the quality gate runs before anything is promoted, a pull request whose model comes in under the threshold fails its checks and cannot be merged. That single step is the difference between the Friday-afternoon story and a pipeline you can trust.
Stage 4 - Promote and Deploy on Merge
On merge to main, the same model is registered and promoted, then deployed. With MLflow, promotion is an alias change, which keeps "this model is good" separate from "this model is live" and gives you a one-line rollback:
# promote.py (runs on main)
import mlflow
from mlflow import MlflowClient
client = MlflowClient()
mv = mlflow.register_model("runs:/<run_id>/model", "iris-classifier")
client.set_registered_model_alias("iris-classifier", "production", mv.version)
print(f"promoted version {mv.version} to @production")Deployment then reads the @production alias (for example, the Kubernetes serving setup from our Docker and Kubernetes guide pulls that version). To roll back, point the alias at the previous version; nothing rebuilds.
What You've Actually Built
Concretely, you now have a pipeline that:
- Validates data on every pull request before a model is trained.
- Trains and gates on a metric, so a worse model fails CI instead of reaching users.
- Surfaces metrics in the PR with CML, making model changes reviewable like code.
- Separates promotion from deployment through a registry alias, with a one-line rollback.
- Has a clear path to continuous training (schedule or drift trigger) and safe deployment (canary, shadow, blue-green).
The next layers are data versioning with DVC so the dataset is pinned to the commit, drift monitoring with Evidently to trigger retraining, and graduating orchestration to Kubeflow Pipelines or Argo Workflows when one CI job is no longer enough.
Common Gotchas
These are the ones that bite teams first:
- Training but not gating. A pipeline that trains and deploys without a metric threshold will ship regressions silently. The gate is the point.
- Non-deterministic metrics flapping the gate. Set
random_state, pin data, and gate on a held-out set so the same commit produces the same number. A gate that fails randomly gets disabled. - Unpinned dependencies. A model pickled with one scikit-learn version may not load under another. Pin everything and reuse the same container in CI and production.
- Secrets in the workflow. Never hardcode tokens. Use the CI provider's secret store (
secrets.GITHUB_TOKENand friends). - Versioning the model but not the data. If you cannot recover the exact dataset, the model is not reproducible. Version data with DVC alongside the commit.
- Retraining with no monitoring. Continuous training needs a signal. Without drift or performance monitoring, you are retraining blind or not at all.
Conclusion
CI/CD for machine learning is not traditional CI/CD with a model bolted on. It is built around one hard truth: a passing test suite does not mean a good model. The pipelines that keep teams out of the Friday-afternoon spiral all share the same spine. Version code, data, and models together. Test the data and the model, not just the code. Make a metric the gate that blocks a worse model from shipping. And automate retraining so the model keeps pace with the world instead of quietly decaying behind a 200 OK.
You do not need a heavyweight platform to start. GitHub Actions or GitLab CI, plus DVC for data and MLflow for the registry, is enough to run everything in this guide; you graduate to Kubeflow Pipelines or Argo Workflows only when your DAGs and scale demand it. Begin with the quality gate, add continuous training and monitoring as the model earns its place in production, and keep rollback one command away.
Ready to Build It, Not Just Read About It?
Reading about CI/CD for ML is one thing. Writing a data test that fails the build when a column drifts, watching a quality gate block a merge because the model came in under the bar, and rolling a model back by flipping a registry alias are entirely different skills, and they only come from doing the work. That's what the 100 Days of MLOps challenge on KodeKloud is built for, real environments, real tools, auto-validated tasks across the full lifecycle, from DVC and MLflow to Argo Workflows, GitOps, and canary releases. By the end you will have built and operated the kind of pipeline this guide describes, with the muscle memory to prove it. Create your free KodeKloud account ->
FAQs
Q1: Is CI/CD for ML just DevOps with extra steps?
Not quite. It builds on the same foundations (automated pipelines, version control, automated tests) but adds problems DevOps never had: the artifact includes data and a trained model, the tests are statistical rather than deterministic, and there is a third pillar, continuous training, that retrains the model as data shifts. The biggest mental shift is that a passing test suite does not mean a good model; you also need a quality gate on metrics.
Q2: Do I need a dedicated MLOps platform, or can I use GitHub Actions?
For small and mid-size projects, GitHub Actions or GitLab CI plus DVC and MLflow is genuinely enough, and it is what the pipeline above uses. Reach for Kubeflow Pipelines or Argo Workflows when your DAGs grow beyond a single CI job, when you need Kubernetes-native scaling and GPU scheduling, or when many teams share infrastructure. Adopt the heavier orchestrator for a concrete need, not by default.
Q3: What exactly should the deploy gate check?
At minimum, a primary metric (accuracy, F1, AUC, RMSE) against a threshold, evaluated on a fixed held-out set. Mature teams add more: the new model must beat the current production model, fairness or slice metrics must hold across subgroups, and inference latency must stay within budget. The rule is simple: if a check matters in production, make it fail the pipeline.
Q4: How often should I retrain?
There is no universal answer; it depends on how fast your data drifts. Stable domains like manufacturing quality can hold for months; volatile ones like fraud or demand often retrain weekly or on a drift alert. The right approach is to monitor for drift and performance decay and let those signals trigger retraining, rather than picking a fixed interval and hoping.
Sources: Gartner: Lack of AI-Ready Data Puts AI Projects at Risk (Feb 2025); Google Cloud, MLOps: continuous delivery and automation pipelines; CML (Iterative); MLflow releases; Kubeflow Pipelines releases; Argo Workflows releases; Fortune Business Insights MLOps Market Report 2026.
Discussion