The operational backbone: pipelines, monitoring, incident response, security, quality gates, compliance, support. Specialised playbooks cover team rituals.
incidentv0.2.0When to run it
When the team has shipped enough to need operational discipline — incident response, runbooks, on-call rotation, security reviews. Also after a major reliability or security event.
What you'll have at the end
A devops baseline (pipelines, environments, deployments, runbooks). Specialised playbooks above it cover security, testing, accessibility, team rituals, and customer success.
Common starting point
The last incident you had. Capture it as an incident entity. Trace what should have caught it: runbook? monitor? threat model? Where the chain breaks is where you start.
Sequence summary
One step: run the devops creation sequence — pipelines, environments, deployments, runbooks.
Establish the pipeline. How does code go from commit to production reliably and reversibly?
Decide what you measure for availability, latency, and quality. Set targets. Wire alerts to people, not silence.
Define how you respond when things break. Every incident gets a postmortem; every postmortem identifies root causes; root causes drive change.
Model what could go wrong. Catalog known threats. Wire controls and access policies that actually constrain risk.
Establish what does not ship until tests pass. Define the test pyramid: unit, integration, end-to-end.
Map the frameworks you must comply with: SOC 2, GDPR, HIPAA, WCAG. Surface controls and audit cadence.
Define how customers reach you when things break, and how you build collective memory from each interaction.