Change Management Policy

Rules

This document defines how changes are made to the platform to ensure stability, auditability, and reproducibility.

The Source of Truth

The platform is defined entirely in code. The Git repository is the sole source of truth for:

  1. Infrastructure Configuration: YAML, HCL, and scripts.
  2. Architecture Decisions: ADRs in Markdown.
  3. Technical Documentation: This book.

Change Workflow

All changes (except for emergency “break-glass” scenarios) must follow this flow:

  1. Draft: Propose the change in a new branch.
  2. Review: Peer review or self-review (for minor changes).
  3. Merge: Merge into the main branch.
  4. Deploy: Automated CI/CD pipelines apply the change.

Documentation Requirements

  • Significant architectural shifts MUST be recorded as an ADR.
  • All service deployments MUST have a corresponding entry in the Service Catalog.
  • Manual configuration on nodes is strictly forbidden unless codified immediately after.

Secrets Management

  • Clear-text secrets MUST NEVER be committed to Git.
  • Use a dedicated secrets manager or encrypted storage (e.g., SOPS) for credentials.
  • Secrets MUST be rotated if a compromise is suspected or as per the defined rotation schedule.