My Famous Formula: Speed = Process + Automation

Engineers spend a remarkable amount of time arguing about tools.

Should we use Renovate or Dependabot? Kubernetes or a simpler container platform? Flux or Argo CD? Terraform or OpenTofu? Helm, Kustomize, Docker, GitHub Actions, GitLab CI, Jenkins, Backstage—the list is endless, and every tool has enthusiastic supporters and experienced critics.

Those discussions are not useless. Tools have different capabilities, constraints, costs, and failure modes. But “Is this tool good?” is rarely the most important question.

The same problem appears when teams discuss processes. Someone proposes mandatory approvals, new push rules, another release gate, a branching policy, or a change board because it sounds mature or because another company does it. A process is adopted before anyone has defined which concrete failure it should prevent.

The better questions apply equally to tools and processes: What problem are we solving? Which system behavior should change? How easy will the new flow be to follow and automate? What will happen when it fails? Who will own it? Most importantly, how will we measure whether it worked?

That is the thinking behind my famous formula:

Speed = Process + Automation

Renovate Is Not the Problem. Your Pipeline Is.

Keeping dependencies current is healthy engineering.

Old dependencies accumulate security issues, compatibility problems, unsupported APIs, and migration work. Small updates that could have been routine become large upgrade projects after a team ignores them for two years. Nobody seriously argues that letting dependencies rot forever is a good strategy.

But nobody wants developers to spend every morning manually reviewing five patch releases, three lockfile refreshes, two base-image updates, and another minor version of a linting plugin.

Renovate appears to solve that problem neatly: discover updates, open merge requests, keep the project current. In practice, a default installation without policy or reliable automation can quickly become dependency spam. Merge requests pile up, developers become annoyed, and the updates slowly rot somewhere on the roadside.

The real dealbreaker is not Renovate. It is the quality of the pipeline around it. Renovate does not create engineering discipline. It exposes whether a team already has enough discipline and automation to handle continuous change.

Why I Recommend Trunk-Based Development

Using branches as environments sounds attractive at first.

A dev branch, a test branch, a staging branch, and a prod branch feel simple, visible, and comfortable. Developers merge into dev, testers approve what reaches test, and production receives whatever is finally merged into prod. The branch names appear to show exactly where software is in the delivery process.

It looks like control.

In many organizations, however, this model does not remove complexity. It hides complexity until it returns in uglier forms: drift between environments, unclear release states, repeated cherry-picking, back-merges, forgotten hotfixes, merge conflicts at the worst possible moment, and uncertainty about what was actually tested versus what is running in production.

That is why I recommend trunk-based development as the default for modern delivery. Code should flow through one main branch. Short-lived branches may represent work in progress, but environments should represent deployment state, not separate code realities.

GitOps: From Tribal Knowledge to Auditable Infrastructure

Infrastructure used to be full of stories that began with, “Ask Alex, they know how that server works.”

Someone had installed a package over SSH, changed a configuration file during an incident, added a cron job six months later, and opened a firewall port that nobody documented. The server might have been stable for years, but its real configuration existed partly on disk, partly in a ticket system, and partly in one person’s memory.

We improved this model with scripts, configuration management, Infrastructure as Code, and immutable images. GitOps takes the next step: it turns Git into the reviewed and versioned declaration of what our systems should look like, then uses software agents to continuously reconcile reality with that declaration.

That makes GitOps much more than “YAML in a repository.” It is an operating model for making infrastructure visible, reproducible, auditable, and less dependent on privileged individuals.

Vendor Lock-in: Why It Is Not Always Bad and How to Manage It Deliberately

Vendor lock-in is not about using a vendor. It is about losing room to move.

A company does not become trapped merely because it runs workloads on AWS, buys a SaaS product, uses a managed database, or adopts a proprietary development tool. Those are ordinary technology decisions. Lock-in begins when leaving becomes so expensive, risky, slow, or organizationally painful that changing direction is no longer a practical option.

That distinction matters because vendor lock-in is often discussed as if it were a moral failure. It is not. It is an architectural, operational, and business trade-off. Sometimes the dependency is dangerous. Sometimes accepting it is the fastest and most economical way to build a reliable product.

The real task is not to avoid every dependency. It is to understand which dependencies we are creating, what value they provide, and whether we could still change course if the assumptions behind them stopped being true.