Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
DevOps checklist


  • no credentials kept in codebase
    • use consul/zookeeper/etc., then have code load credentials from environment variables
  • using a bastion box to safeguard access to servers
    • in conjunction with, e.g., AWS security groups


  • master is always deployable
    • this means that proposed changesets are always tested prior to being merged to master
    • this probably means that a CI solution must be implemented
  • infrastructure topology is replicated faithfully in QA/staging
    • this means that if you have, e.g., separate database servers in PROD, you should have them separated on QA as well
    • a little much to ask for dev environments, but bonus points if possible
  • deploys happen automatically on merge to master


  • logging is centralized
  • metrics-per-feature are collected to verify live functionality
  • stacktrace aggregation (e.g. Sentry) is in place
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.