Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
DevOps checklist


  • no credentials kept in codebase
    • use consul/zookeeper/etc., then have code load credentials from environment variables
  • using a bastion box to safeguard access to servers
    • in conjunction with, e.g., AWS security groups


  • master is always deployable
    • this means that proposed changesets are always tested prior to being merged to master
    • this probably means that a CI solution must be implemented
  • infrastructure topology is replicated faithfully in QA/staging
    • this means that if you have, e.g., separate database servers in PROD, you should have them separated on QA as well
    • a little much to ask for dev environments, but bonus points if possible
  • deploys happen automatically on merge to master


  • logging is centralized
  • metrics-per-feature are collected to verify live functionality
  • stacktrace aggregation (e.g. Sentry) is in place
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment