We decided that everyone in the team is allowed to approve changes. If no one has reviewed your change within 24 hours you are allowed to approve it yourself. It will usually come up in the daily sync that a self approval is imminent, which usually leads to someone taking a look.
Self-approval leads to a road of sadness. For example, a theoretical company needs to self-renew an ssl cert. No problem, the cert will be stored with the rest of the secrets and retrieved in a secure way on deployment. Unfortunately if you don’t store the cert key in a secure way, the deployment still works fine and you don’t need to figure out the “onerous” encryption process.
So you push the private key to the company git repo, and then deploy the cert! Done and Done.
We decided that everyone in the team is allowed to approve changes. If no one has reviewed your change within 24 hours you are allowed to approve it yourself. It will usually come up in the daily sync that a self approval is imminent, which usually leads to someone taking a look.
Self-approval leads to a road of sadness. For example, a theoretical company needs to self-renew an ssl cert. No problem, the cert will be stored with the rest of the secrets and retrieved in a secure way on deployment. Unfortunately if you don’t store the cert key in a secure way, the deployment still works fine and you don’t need to figure out the “onerous” encryption process.
So you push the private key to the company git repo, and then deploy the cert! Done and Done.