Code review for every change that is introduced into the codebase should be a core principle followed by us all.
It doesn’t matter which Version Control System you use but every project should be under version control.
Every repository should contain a readme with one command that will provision a development instance of the application. It should be easy for a developer to checkout the project and start changing code; we want as little friction here as possible.
This can be managed in many ways but it should be possible to inject configuration into the application at runtime. Configuration should not contain any sensitive data such as passwords or keys. Options for this can include using environment variables or running a dedicated configuration server.
Every application should use a dependency/package management tool. Examples of these include Maven, Composer or NPM.
Every application should be using dependency injection.
Every application should log messages locally and upload logs to a central system. The logs can either be uploaded by the application itself or by an agent. elastic is a good option for storing and aggregating your logs.
Every application should expose metrics that can be used to measure and monitor the state of the application in realtime. These are useful as part of the deployment process to monitor whether a newly released version of our application has introduced any problems.
Every application should use a build tool to create a single artifact containing all dependencies. This is what will be deployed across the various environments. This may be done using a specific build tool such as Grunt or Gradle or by packing inside a Docker image.
The output of the build step is a single artifact. This should then be followed by a deployment stage which will deploy the artifact to the desired environments.