Skip to content

Handbook Charter

The handbook is the authoritative internal source for engineering standards. It exists to reduce ambiguity, not to replace engineering judgement.

The handbook applies to internal Nexa product development across all engineering teams. It currently covers application containers, internal Kubernetes delivery, deployment configuration, and Terraform IaC. External product packaging and customer distribution are deliberately separated.

  • MUST: Engineering teams follow the latest approved major version of the handbook.

  • MUST: Material changes are reviewed by Platform Engineering and representatives from application, QA, and security teams.

  • MUST: Repository-specific instructions may add controls but may not silently weaken mandatory controls.

  • MUST: Exceptions are documented with owner, reason, compensating control, and expiry date.

  • SHOULD: Review the handbook quarterly and after major platform incidents.

  • SHOULD: Treat examples as reference implementations and keep them executable.

The handbook is version-controlled. Changes are proposed through pull requests, reviewed by CODEOWNERS, tested where examples are executable, and announced through engineering channels. Major changes include a migration window.

Compliance is demonstrated through repository configuration, protected-branch settings, CI results, and review records. Teams should be able to show the evidence without reconstructing it manually.

Policy documents often fail by becoming aspirational, stale, or disconnected from tooling. Nexa avoids that by pairing every mandatory standard with evidence, templates, and a named owner.

Future extensions may cover Databricks Apps, Snowflake Native Apps, MCP servers, data pipelines, and external customer delivery. These extensions inherit the core standards unless they explicitly override them.