https://blog.abhipraya.dev/tags/devops/Recent content in Devops on Daffa AbhiprayaHugoen-us© Daffa AbhiprayaSat, 11 Apr 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-a/monitoring/Sat, 11 Apr 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-a/monitoring/<p>Error monitoring is one of those things that feels optional until the first production bug slips through unnoticed. A user reports &ldquo;the page is broken,&rdquo; you check the server, everything looks fine, and three hours later you discover a background task has been silently failing since the last deploy. This blog covers how we built monitoring that catches those failures before users do.</p> <blockquote> <p><strong>Note:</strong> Our project is hosted on an internal GitLab instance, so we use the term <strong>MR (Merge Request)</strong> throughout this blog. If you&rsquo;re coming from GitHub, MRs are the equivalent of <strong>Pull Requests (PRs)</strong>.</p>https://blog.abhipraya.dev/ppl/part-c/s2w1-aptitude/Mon, 30 Mar 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-c/s2w1-aptitude/<h2 id="overview"> <a class="anchor" href="#overview" data-anchor="overview" aria-hidden="true">#</a> Overview </h2> <p>Sprint 2 Week 1 (Mar 24 to 30) combined feature development with infrastructure hardening. The week produced two full-stack features (multi-device session management and email integration), a developer tooling improvement (Superset workspace isolation), and iterative CI quality gate improvements. Each required learning at least one technology from scratch.</p> <hr> <h2 id="1-multi-device-session-management"> <a class="anchor" href="#1-multi-device-session-management" data-anchor="1-multi-device-session-management" aria-hidden="true">#</a> 1. Multi-Device Session Management </h2> <p>SIRA needed per-device session tracking: users should see which devices are logged in, and admins should be able to revoke sessions remotely. This isn&rsquo;t a standard Supabase Auth feature; it required a custom session layer on top of the existing JWT auth.</p>https://blog.abhipraya.dev/ppl/part-a/teamwork-tools/Thu, 12 Mar 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-a/teamwork-tools/<h2 id="why-tooling-is-a-team-problem-not-a-devops-problem"> <a class="anchor" href="#why-tooling-is-a-team-problem-not-a-devops-problem" data-anchor="why-tooling-is-a-team-problem-not-a-devops-problem" aria-hidden="true">#</a> Why Tooling Is a Team Problem, Not a DevOps Problem </h2> <p>Most university software engineering courses teach you <em>which</em> tools to use (Git for version control, Jira for tickets, Docker for deployment). What they rarely teach is <strong>how tools interact with each other</strong>, and what happens when they don&rsquo;t.</p> <p>In a professional environment, a single commit can trigger a cascade: CI runs tests, a Slack bot notifies the team, a coverage report lands in SonarQube, and the ticket moves to &ldquo;In Review&rdquo; on the project board. This doesn&rsquo;t happen by accident. Someone has to build that integration layer, and in a university team, that someone is usually whoever cares enough about developer experience to do it.</p>https://blog.abhipraya.dev/ppl/part-c/s1w3-aptitude/Tue, 10 Mar 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-c/s1w3-aptitude/<h2 id="overview"> <a class="anchor" href="#overview" data-anchor="overview" aria-hidden="true">#</a> Overview </h2> <p>Sprint 1 Week 3 (Mar 4 to 10) was infrastructure-heavy. The project needed production-grade tooling that goes well beyond standard coursework: reverse proxies, email alerting, migration safety nets, security scanning, structured logging, and AI-integrated code quality analysis. Each of these required learning a new technology from scratch and applying it directly to the project.</p> <hr> <h2 id="1-nginx-reverse-proxy-for-subdomain-routing"> <a class="anchor" href="#1-nginx-reverse-proxy-for-subdomain-routing" data-anchor="1-nginx-reverse-proxy-for-subdomain-routing" aria-hidden="true">#</a> 1. Nginx Reverse Proxy for Subdomain Routing </h2> <p>SIRA runs three services on a single Nashta VM, each needing its own subdomain:</p>https://blog.abhipraya.dev/ppl/part-b/s1w2-code-quality/Wed, 04 Mar 2026 00:00:00 +0700https://blog.abhipraya.dev/ppl/part-b/s1w2-code-quality/<h2 id="the-tool-stack"> <a class="anchor" href="#the-tool-stack" data-anchor="the-tool-stack" aria-hidden="true">#</a> The Tool Stack </h2> <table> <thead> <tr> <th>Layer</th> <th>Tool</th> <th>Scope</th> </tr> </thead> <tbody> <tr> <td>Frontend lint + format</td> <td><a href="https://biomejs.dev">Biome</a></td> <td>TypeScript/TSX, 40+ enforced rules</td> </tr> <tr> <td>Frontend dead code</td> <td><a href="https://knip.dev">Knip</a></td> <td>Unused exports, imports, dependencies</td> </tr> <tr> <td>Frontend types</td> <td><code>tsc --noEmit</code></td> <td>TypeScript type checking</td> </tr> <tr> <td>Backend lint + format</td> <td><a href="https://docs.astral.sh/ruff/">Ruff</a></td> <td>Python, F401/F841 + style rules</td> </tr> <tr> <td>Backend types</td> <td><a href="https://mypy.readthedocs.io">mypy</a></td> <td>Python static types, strict mode</td> </tr> <tr> <td>CI quality gate</td> <td><a href="https://sonarqube.cs.ui.ac.id">SonarQube</a></td> <td>Coverage, code smells, security hotspots</td> </tr> </tbody> </table> <h2 id="pre-commit-hooks-husky"> <a class="anchor" href="#pre-commit-hooks-husky" data-anchor="pre-commit-hooks-husky" aria-hidden="true">#</a> Pre-commit Hooks (Husky) </h2> <p>Five checks run sequentially on every <code>git commit</code>. A failure at any step blocks the commit:</p>