Incidents that leave a lesson the next on-call can find

A ci pipeline🚇ci_pipelineA CI/CD pipeline produces the build artifact🏺build_artifactA build output (binary, container image) and deploys the service⚙️serviceA deployable service or microservice, and the runbook📘runbookA runbook for incident response that mitigates an incident🚨incidentA production incident is a typed node alongside them.

The path out of an incident links to the path that shipped it. Recovery is not improvised under pressure, because the runbook that handles a given failure is one edge from the incident it was written for.

A monitor📺monitorA monitoring check watches the service⚙️serviceA deployable service or microservice, measures the service level indicator🌡️service_level_indicatorA service level indicator (SLI) behind an SLO, triggers via an alert rule🛎️alert_ruleAn alerting rule wired to a named owner, and detects the symptom⚠️symptomA symptom of a problem before a user reports it.

The measurement and the promise sit in one graph. An alert always names the service and the indicator it fired on, so the page that opens already says where the problem is.

An incident🚨incidentA production incident breaches a service level objective🥅service_level_objectiveA service level objective (SLO), affects a feature⭐featureA product capability or feature, triggers a postmortem🩻postmortemA post-incident review, is caused by a root cause🪝root_causeAn identified root cause of an issue, and generates support tickets. Each is a typed edge, so the blast radius resolves to a query rather than a reconstruction.

The loop closes back onto the rest of the product. The feature affected is the same one the roadmap tracks, and the SLO breached is the one engineering set. When a similar failure starts, the graph already records what happened last time.

A postmortem🩻postmortemA post-incident review identifies the root cause🪝root_causeAn identified root cause of an issue and produces a runbook📘runbookA runbook for incident response, and the root cause is resolved by a fix🪛fixA fix applied to resolve an issue, affects the service⚙️serviceA deployable service or microservice, and causes the bug🐛bugA defect or unexpected behaviour it explains.

Prevention links to the failure it answers. When a similar incident appears, the graph names the root cause it shares and the fix that worked, in place of an engineer half-remembering a thread from last year.

A test suite📂test_suiteA suite of related tests contains the test case🌵test_caseAn individual test case nodes and includes the regression test♻️regression_testA regression test that guards against old bugs, is tested via a qa session🐞qa_sessionAn exploratory QA session, covers the feature⭐featureA product capability or feature it protects, and is measured by a test coverage report🎏test_coverage_reportA test coverage report.

The question “is this safe to ship?” resolves to the gate the graph already holds. The regression that caught last quarter’s bug is linked to the feature it protects, so the reason a check exists stays attached to the work it guards.

A compliance framework🏟️compliance_frameworkA compliance framework (SOC 2, GDPR, etc.) mandates a compliance requirement⛲compliance_requirementA compliance requirement, requires the security control🎚️security_controlA security control or mitigation that satisfies it, and is verified by a security audit🛃security_auditA security audit. The customer’s voice is typed in the same way: a support ticket reveals a need🫀needA user need, pain, desire, or constraint and reports a bug🐛bugA defect or unexpected behaviour.

An audit and a customer report draw on the same structure. A ticket becomes discovery and delivery work, linked to the need it raised and the bug it found, so the help desk feeds the rest of the product rather than closing the thread.