Zero-Incident CI/CD for a Privileged Access Server Fleet
Modernized the delivery pipeline for an internal Linux server management application monitoring elevated-access privileges across roughly 400 US and UK servers, moving from manual releases to a fully automated, contract-tested pipeline.
Impact: Cut vulnerability remediation effort from ~15 developer-days per month to ~2, while sustaining zero production incidents across 6 months of multiple-times-per-week deployments.
View architecture decisions
Architecture: Serverless application (AWS Lambda) sitting behind a proxy layer, deployed through a Jenkins pipeline with consumer-driven contract tests (Pactflow) verifying compatibility between the proxy and application layers on every change, backed by unit and integration test suites and Mend Renovate for automated minor-version dependency updates.
Challenge: The application manages elevated-access privileges on ~400 Linux servers across the US and UK, a high-risk surface where undetected breaking changes or unpatched dependencies carry outsized security risk. Before the rebuild there were no integration tests, and vulnerability remediation was almost entirely manual.
Design Decisions & Tradeoffs: Adopted consumer-driven contract testing specifically to guard the proxy-to-application-layer boundary, catching breaking changes before they reached production rather than relying on manual regression checks. Paired this with Mend Renovate to auto-remediate minor version bumps continuously, shrinking the vulnerability backlog proactively instead of batching upgrades reactively.
Scalability & Performance: Manages roughly 400 Linux servers across US and UK environments, with deployments shipping multiple times per week and zero production incidents in the 6 months since the new pipeline went live.
