Environment Gating: Automated Go/No-Go for Deployments
Environment gating is an automated checklist for your CI/CD pipeline. Instead of just building code, it checks external signals like monitoring alerts or bug trackers before promoting a release.
Progressive Delivery: Ship Faster by Reducing Blast Radius
Progressive Delivery reduces release risk by shipping to small user groups before a full rollout, like a soft-opening for new code. It uses canary releases and feature flags to catch issues before they impact everyone.
Deployment Rings: De-risking Rollouts with Progressive Exposure
Deployment rings are like blast shields for software updates, containing a bad release's impact to a small group. They're used in CI/CD to roll out changes progressively, from internal teams to all users.
Shadow Deployment: Rehearsing a Release with Live Traffic
Shadow deployment is like a stunt double for your service: it receives a copy of live production traffic to test a new version without impacting users. Use it to validate performance and find bugs under real load.
Dark Launch: Test New Code Invisibly in Production
A dark launch tests new backend code on real production traffic without any user ever seeing it. Use it to measure the performance impact of a new recommendation engine or data service before the UI is built.
Rolling Deployment: Update Servers Without Downtime
A rolling deployment upgrades servers one by one, like swapping train cars while the train moves. A load balancer directs users to active servers, keeping the app online. The main footgun is incompatibility between old and new code running at the same time.
Kubernetes Pods: The Atomic Unit of Deployment
A Kubernetes Pod is the atomic unit of deployment, a logical host for containers sharing a network and storage. This is ideal for co-locating a main app with a helper "sidecar" container. The footgun: a Pod is not a container; you scale by adding more.
Configuration as Code: Treat Your Settings Like Source Code
Configuration as Code (CasC) treats your settings like source code, storing them in version control. This ensures every environment is identical, with changes automatically tested and deployed via CI/CD.
Pulumi: Infrastructure as Code with Real Programming Languages
Pulumi is Infrastructure as Code using real languages like Python or TypeScript, not a special DSL. This lets you use loops, functions, and classes to define resources. The main footgun is writing overly complex, clever code that becomes unmaintainable.
Ephemeral Environments: A Staging Server for Every PR
Ephemeral environments are disposable, production-like test servers created for every pull request. They let developers test changes in isolation without waiting for a shared staging server, catching integration bugs earlier.
Infrastructure Drift: When Reality and Code Diverge
Infrastructure drift is when live systems no longer match their configuration code. This happens when someone manually changes a cloud resource instead of updating the Terraform file. The footgun: your next `terraform apply` may destroy your manual changes.
Packer: Build Identical Machine Images Everywhere
Packer is a universal recipe for baking machine images. It takes a single template and builds identical images for multiple platforms like AWS or Docker. Use it to create consistent "golden images" for your infrastructure.
Terraform State: The Map to Your Infrastructure
Terraform state is the source of truth mapping your code to real cloud resources. It's used on every `plan` and `apply` to determine changes. The footgun: never store state in Git or edit the `tfstate` file directly; this risks corruption and secret leaks.
Vagrant: Your Dev Environment as Code
Vagrant is a scriptable remote for virtual machines, defining a dev environment in one text file. It ensures teams have identical, isolated setups, solving "it works on my machine" problems.
Terraform: Manage Infrastructure as Code
Terraform lets you define cloud infrastructure—servers, databases, networks—in a text file, like a blueprint. It reads this file and builds everything for you, making setups on AWS, GCP, or Azure repeatable.
Pipeline Triggers: The 'If This, Then That' of CI/CD
Pipeline triggers are the "if this, then that" for automation. They kick off builds on a code push (CI), run tests for a pull request (PR), or execute jobs on a schedule. The footgun: many systems enable triggers on all branches by default, causing unwanted.
Software Bill of Materials (SBOM): An Ingredient List for Your Code
An SBOM is a nutrition label for your code, listing every library and dependency. It's crucial for security audits and managing supply chain risk, letting you instantly find systems affected by a new vulnerability.
Build Artifact: The Packaged Output of a CI Run
A build artifact is the packaged result of a CI run, like a compiled binary or a zipped web app. Pipelines use artifacts to pass this output between stages, from building to testing and deploying.
Git LFS: Versioning Large Files Without Bloating Your Repo
Git LFS replaces large files with text pointers in your repo, storing the actual data on a remote server. This keeps clones fast when versioning videos, datasets, or graphics. Footgun: `git lfs track` only affects new files, not existing ones.
GitFlow: A Branching Model for Versioned Releases
GitFlow organizes your repo around two main branches: `master` for production and `develop` for integration. It's designed for projects with distinct, numbered releases, like desktop apps, not for continuously delivered web apps where simpler models are…