Frigga Blogs

Ask most teams to show you exactly how their production environment is configured, and the honest answer is that they cannot, because the only complete record of it is the running system itself. The real state lives in the cluster and in the…

You scan your code for vulnerabilities and you lock down what runs in your cluster, but the pipeline in between, the thing that turns your source into the artifact you deploy, is usually wide open. Nothing along that path proves that the ima…

There is one deploy your team cannot simply roll back, and it is the one that touches your database. Every other change has an undo: revert the code, redeploy the old version, and you are back where you started. A migration does not work lik…

Most container images are large for one boring reason: the build tools sneak into production. The compiler, the package manager, the development dependencies, and often the source code itself all ship in the final image, where none of them r…

Every change you ship might be wrong. That is not pessimism, it is the base rate of software, and the only real question is how many of your users find out at the same time. The most expensive way to answer that question is all of them a…

Somewhere in your repository is a feature branch that was created two weeks ago, sits dozens of commits behind main, and that nobody wants to review. That branch is not progress. It is a merge you have been deferring, and it gets more expens…