CI/CD Home
Salesforce CI/CD with sfdx-hardis
Run a production-grade Salesforce CI/CD pipeline on the Git platform, runners, and tools you already use. No vendor lock-in, no extra license, no data leaving your infrastructure.
Used in production by major companies worldwide. Open-source and free, with optional Cloudity Professional Services for setup, support, and release management.
Why pick sfdx-hardis?
There are many ways to do DevOps with Salesforce. Each has its advantages and limitations.
- Admin-friendly: every persona (Admin, Developer, Release Manager, Project Lead) is autonomous. Admins build pull requests from clicks in the VS Code extension. No command line needed.
- Your tools, your infrastructure: no "sfdx-hardis servers" anywhere. Everything runs in your Git platform, your CI runner, your VS Code. Cloudity has zero access to your data.
- AI-agent ready: 130+ commands support an
--agentflag for non-interactive execution by Claude Code, Copilot, Codex, and others. - No license fees: open-source. Many vendors charge 250+ EUR per contributor per month for the same workflow.
- Monitoring included: a daily metadata backup and observability layer runs in a separate monitoring repository (not the CI/CD one) on the same Git platform and CI runner you already use.
- Documentation included: generate a searchable documentation website of your whole project (Flows, Objects, Profiles, Apex, Lightning Pages) with AI-written explanations and visual Flow diff history.
Who uses it
| Role | How they use sfdx-hardis |
|---|---|
| Admins | Build pull requests from the VS Code extension with clicks. No command line. |
| Developers | Same as Admins, plus the Advanced mode in the UI to see what runs under the hood through the Salesforce CLI. |
| Release Managers | Configure pipelines with the Visual DevOps Pipeline Builder and track pull requests and deployments through the DevOps Pipeline View. |
| Project Managers | Track application lifecycle through native integrations with Jira and Azure Boards. |
Plays nicely with your stack
- Git and CI/CD: GitHub, GitLab, Bitbucket, Azure DevOps, Gitea, Jenkins
- Messaging: Slack, Microsoft Teams, Email
- Ticketing: Jira, Azure Boards, or anything else via webhooks
- AI: Agentforce, OpenAI, Anthropic, Gemini
- Observability: Grafana, Vector.dev (DataDog, Splunk...)
Compliance stays in your hands: it depends on the tools you already operate (Git platform, runner, Jira, AI providers, SSO) and the security policies you apply to them.
What you get
Smart deployments
- Delta deployments: deploy only what changed.
- Overwrite management: protect metadata that should never be overwritten.
- Smart Apex test runs: skip tests that cannot break on sandbox pull requests.
- Automated source cleaning: tidy profiles, flow positions, and more.
Releases and reporting
- DORA Metrics: Deployment Frequency, Lead Time for Changes, Change Failure Rate, MTTR, scored Elite / High / Medium / Low against industry benchmarks.
- Release Notes: generated from git history, tickets, metadata changes, and deployment actions. Outputs Markdown, PDF, XLSX with optional AI-powered summary.
- Backpromote (Beta): push changes from a parent branch back to a developer's sandbox with org conflict detection and diff reports.
Integrations
- Slack, Teams, and email notifications with detailed deployment results.
- Jira, Azure Boards, or any other ticketing tool.
- Deployment Agent: resolves deployment issues with core rules plus AI (Agentforce or direct calls to OpenAI, Anthropic, Gemini).
Read the full smart deployment workflow to see how it all fits together.
AI-agent ready
Every command that involves prompts supports an --agent flag that switches to fully non-interactive execution:
- No tokens wasted on menus: agents skip multi-choice prompts entirely.
- Predictable execution: required values pass as CLI flags. The command fails fast with a clear error if something is missing.
- Safe defaults: sensible defaults apply when prompts are skipped. Destructive operations still need an explicit flag.
With 130+ commands supporting --agent, your coding agent can drive the whole Salesforce DevOps lifecycle: create user stories, deploy metadata, run diagnostics, purge obsolete data, manage packages.
See Using AI Coding Agents for the full picture.
Ready-to-use pipeline templates
Deployment simulation results are posted as comments on every pull request.
| Platform | CI/CD template |
|---|---|
| GitLab | GitLab CI configuration |
| Azure DevOps | Azure Pipelines checks, Azure Pipelines deployment |
| GitHub & Gitea | GitHub Actions / Gitea workflow checks, GitHub Actions / Gitea workflow deployment |
| Bitbucket | Bitbucket Pipelines |
| Jenkins | Jenkinsfile |
Pipelines adapt to other platforms like TeamCity.
An advanced branch and org model you can build with sfdx-hardis. Simpler RUN-only models also work:
For deeper Q&A, see this article:
Monitoring on the same Git platform
CI/CD is only half the story. Once your changes hit production, you still need to know what is happening in your orgs. sfdx-hardis ships with a built-in Monitoring layer that lives in its own separate repository (not the CI/CD one), on the same Git platform and CI runner you already use. No extra license, no extra platform.
What you get out of the box:
- Daily metadata backup with exact git diff between yesterday and today (who changed what, before / after).
- Suspect setup actions detected from the Salesforce Audit Trail, so production changes never go unnoticed.
- Apex tests, code quality (MegaLinter), org limits, deprecated API calls, release updates, unsecured Connected Apps, unused licenses, missing access... all scheduled and reported automatically.
- Per-channel notifications routed independently to Slack / Microsoft Teams, email, and API / Grafana / Prometheus, with a per-notification-type severity threshold (stream everything to Grafana, keep Slack for warnings and errors only).
- Ready-to-use Grafana dashboards to visualize org health, backups, tests, security, and license usage over time.
- Fully configurable from the VS Code SFDX Hardis extension or directly in
.sfdx-hardis.yml(frequency, thresholds, channels, custom commands).
Pick CI/CD with sfdx-hardis and you also get a production-grade monitoring stack in the same move. See the Monitoring documentation for the full picture.
Open-source, no license fees
Everything is open-source. There are no license costs.
In comparison, many Salesforce DevOps vendors charge more than 250 EUR per contributor per month.
Run it yourself, or ask Cloudity Professional Services for support.
Used in production worldwide
Featured in conferences, blogs, and webinars.
Interview on SalesforceBen with a live demo:
The Dreamforce presentation and slides below were recorded before sfdx-hardis got its current LWC-based UI. The concepts still apply, but the on-screen experience is now built around proper Lightning Web Component screens instead of CLI menus.
Dreamforce presentation:
Slides from the Dreamforce '23 session:
Detailed article on SalesforceDevOps.net (also published before the LWC-based UI - concepts still apply, the on-screen experience has moved on from CLI menus to proper Lightning Web Component screens):
Get started
Set it up yourself
Open-source and free. The Setup Guide walks you through initializing a Salesforce CI/CD project from scratch.
Get help from Cloudity
sfdx-hardis works perfectly well on its own. It works even better with the people who built it on your side: a sharper branch model, a cleaner pipeline, edge cases anticipated upfront. Cloudity, the company behind sfdx-hardis, offers four service tiers to match every team's needs and budget.
Assisted Setup - for experienced teams
Best for: Teams with solid Git and Salesforce CLI skills who want expert guidance without handing over the wheel.
Your team drives the setup. A Cloudity expert rides along: reviewing your branch model, validating your pipeline configuration, unblocking tricky situations, and making sure you follow best practices from the start.
What's included:
- Branch and org model review and recommendations
- Guided pipeline configuration (CI checks, deployments, notifications)
- Code review of your sfdx-hardis configuration files
- Q&A sessions with a Cloudity expert at key milestones
- Guidance and material to train your team on sfdx-hardis best practices
The most cost-effective way to get professional assurance without a full engagement.
Full Setup Service - end-to-end, done for you
Best for: Teams that want a production-ready CI/CD pipeline without investing internal time in setup and configuration.
Cloudity takes full ownership. You receive a battle-tested, fully configured CI/CD pipeline tailored to your org structure, team size, and release process. Ready to go live.
What's included:
- Analysis of your existing Salesforce org and release process
- Full pipeline setup on your Git platform (GitHub, GitLab, Azure DevOps, Bitbucket, Jenkins...)
- Branch model and deployment strategy definition
- Training sessions for contributors, release managers, and project leads
- Change management support to accelerate adoption across your organization
- Handover documentation and knowledge transfer
Option: Support Subscription - peace of mind, ongoing
Best for: Any team that wants guaranteed access to sfdx-hardis expertise after go-live, and wants to stay ahead of Salesforce releases.
A Cloudity expert is available whenever you need them: to answer questions, resolve blockers, and review changes. You also directly fund the sustainability of sfdx-hardis as an open-source project.
What's included:
- A skilled Cloudity experts pool, reachable by your team
- Priority response for incidents and deployment issues
- Proactive alerts on Salesforce API changes and sfdx-hardis updates that may affect your pipelines
- Access to new sfdx-hardis features and security patches as they ship
- Direct influence on the sfdx-hardis roadmap through feedback and feature requests
Option: Release Manager as a Service - your release process, covered
Best for: Teams without a dedicated release manager, or who need cover during holidays, parental leave, or peak release periods.
A Cloudity release manager takes the wheel, permanently or on demand. Your team keeps shipping, your release cadence stays on track, no matter what.
What's included:
- Day-to-day management of pull requests, deployments, and release branches
- Coordination between development, QA, and business teams
- Incident response and rollback management
- Available as a permanent service or as a temporary cover arrangement
Next steps
- Setup guide: initialize a Salesforce CI/CD project from scratch.
- Contributor guide: work on CI/CD projects as a Business Analyst, Admin, or Developer.
- Release Manager guide: drive releases on a CI/CD project.
- Pair it with Monitoring: a separate repository (not the CI/CD one) on the same Git platform.