Tools & Workflow
The tools a job expects you to already know — migrations, build systems, message queues, CI/CD, containers, cloud, auth, and observability — each explained for the day you have to use it.
Database Migrations 6
Flyway, From Zero Version-control your database schema with Flyway: numbered, immutable migration files applied in order, so every environment ends up with the exact same schema.
Liquibase, From Zero Database migrations with Liquibase: changesets in SQL, YAML, or XML, a tracked changelog, and database-agnostic changes when you need to target more than one engine.
Alembic, From Zero Schema migrations for Python and SQLAlchemy with Alembic: autogenerate from your models, review the diff, and apply with upgrade/downgrade.
Prisma Migrate, From Zero Schema-first migrations in the Node world: edit your Prisma schema, generate a migration, and keep dev and production in sync without drift.
golang-migrate and Atlas Database migrations for Go and beyond: golang-migrate's plain up/down SQL files versus Atlas's declarative, diff-the-desired-state approach.
dbmate and Sqitch Lightweight, framework-agnostic database migrations: dbmate's simple timestamped SQL files and Sqitch's dependency-graph approach with verify and revert.
Build & Package Managers 6
Maven, From Zero Java's build tool and dependency manager: the POM, the build lifecycle, coordinates and repositories, and why 'it works on Maven Central' is the default.
Gradle, From Zero The flexible build tool behind Java, Kotlin, and Android: tasks and the build graph, the Groovy/Kotlin DSL, dependency configurations, and the build cache.
npm, pnpm, and Yarn Node package managers explained: package.json, the lockfile that pins your real dependency tree, semver ranges, and why pnpm's content-addressed store is so fast.
Python Packaging: pip, venv, Poetry, uv Taming Python environments: virtual environments, pip and requirements, the modern pyproject.toml with Poetry, and uv's blazing resolver — without dependency hell.
Make and Makefiles The 50-year-old build tool that still runs everything: targets, prerequisites, and recipes — a dependency graph that rebuilds only what changed.
Bazel, From Zero Google's build system for huge, multi-language repos: hermetic, reproducible builds with aggressive caching and parallelism — and the steep tradeoff that buys.
Messaging & Caching 4
Kafka, From Zero The distributed log everyone runs in production: topics, partitions, offsets, and consumer groups — append-only streams you can replay, not a traditional queue.
Redis, From Zero The in-memory data store that does ten jobs: cache, session store, queue, rate limiter, and lock — with data structures, TTLs, and the persistence tradeoff.
RabbitMQ, From Zero The classic message broker: exchanges, queues, and bindings route messages to workers, with acknowledgements and dead-letter queues for reliable delivery.
NATS and Amazon SQS Two lighter messaging options: NATS for fast, simple pub/sub and request-reply, and SQS for a fully managed, zero-ops cloud queue.
CI/CD 4
GitLab CI/CD, From Zero Pipelines defined in .gitlab-ci.yml: stages, jobs, and runners that build, test, and deploy on every push — with artifacts, caching, and environments.
Jenkins, From Zero The CI server that still runs much of enterprise: the Jenkinsfile pipeline-as-code, stages and steps, agents, and the plugin ecosystem for better and worse.
Argo CD and GitOps Deployment by pull, not push: GitOps makes a Git repo the source of truth for your cluster, and Argo CD continuously reconciles reality to match it.
CircleCI, From Zero Cloud-native CI/CD with config.yml: jobs, workflows, executors, and orbs — fast parallel pipelines without running your own server.
Containers & Orchestration 3
Helm, From Zero The package manager for Kubernetes: charts template your manifests, values parameterize them per environment, and releases are versioned and rollback-able.
kubectl, Day to Day The Kubernetes commands you actually use: get/describe/logs/exec to see what's happening, apply to change it, and the debugging loop when a pod won't start.
Podman, From Zero The daemonless, rootless container engine: a drop-in for most Docker commands, plus pods and the security win of running without a root daemon.
Infrastructure as Code 3
Ansible, From Zero Configuration management without agents: SSH into your servers and run idempotent playbooks that bring them to a desired state, every time.
Pulumi, From Zero Infrastructure as actual code: define cloud resources in TypeScript, Python, or Go, with real loops and functions, while Pulumi tracks state like Terraform.
AWS CloudFormation AWS's native infrastructure as code: declare resources in a template, and CloudFormation creates, updates, and rolls back the whole stack as one unit.
Cloud Platforms 3
AWS Core Services The handful of AWS services behind most apps: S3, EC2, RDS, IAM, and Lambda — what each does, how they fit together, and the IAM model that gates it all.
Azure Fundamentals Microsoft's cloud for people who know AWS or none: resource groups and subscriptions, the core compute/storage/database services, and Entra ID for identity.
GCP Fundamentals Google Cloud essentials: projects as the unit of organization, the core compute and storage services, and IAM — with a quick map from AWS terms.
Observability 5
OpenTelemetry, From Zero The vendor-neutral standard for telemetry: traces, metrics, and logs from one instrumentation, exported anywhere via the OTel collector.
Sentry, From Zero Error tracking that turns a vague bug report into a stack trace: grouped issues, the breadcrumbs and context around a crash, releases, and source maps.
The ELK Stack Centralized logging with Elasticsearch, Logstash, and Kibana: ship logs from everywhere, index them, and search and visualize across your whole fleet.
Datadog, From Zero The all-in-one observability platform: the agent, metrics and dashboards, APM traces, log management, and monitors — plus the bill that surprises teams.
Grafana Loki Logs that act like Prometheus: Loki indexes only labels (not full text), making centralized logging cheap, and ties them to your metrics in Grafana.
Testing Tools 7
Pytest, From Zero Python testing that gets out of your way: plain assert, fixtures for setup and teardown, parametrize for table-driven tests, and a rich plugin ecosystem.
JUnit and Mockito The Java testing duo: JUnit 5 for structuring and running tests with assertions and lifecycle, and Mockito for mocking the collaborators you want to isolate.
Jest and Vitest JavaScript and TypeScript testing: Jest's batteries-included matchers, mocks, and snapshots — and Vitest, the faster, Vite-native drop-in with the same API.
Playwright, From Zero Reliable browser end-to-end tests: auto-waiting locators that kill flakiness, cross-browser runs, tracing, and codegen to record a test by clicking.
Cypress and Selenium Two more ways to test in a browser: Cypress's developer-friendly in-browser runner, and Selenium/WebDriver, the long-standing cross-language standard.
Testcontainers, From Zero Integration tests against the real thing: spin up a throwaway Postgres, Kafka, or Redis in Docker for each test run, then tear it down automatically.
Load Testing: k6 and JMeter Find the breaking point before your users do: k6's scriptable load tests and JMeter's mature GUI approach, plus how to read the results.
Code Quality 4
ESLint and Prettier Stop arguing about code style: Prettier formats automatically, ESLint catches real bugs and bad patterns, and together they end the bikeshedding.
Ruff and Black Python code quality at speed: Black formats with no options to argue about, and Ruff lints and now formats astonishingly fast, replacing a stack of older tools.
SonarQube, From Zero The enterprise code-quality gate: static analysis for bugs, vulnerabilities, and code smells, with coverage and a quality gate that can block a merge.
pre-commit Hooks Catch problems before they're committed: the pre-commit framework runs formatters, linters, and secret scanners automatically on every git commit.
Auth & Identity 3
OAuth2 and OpenID Connect The standard behind 'Log in with Google': OAuth2 grants delegated access, OIDC adds identity on top, and the authorization-code-with-PKCE flow ties it together.
JWT, In Depth What a JSON Web Token really is: three base64 parts, a signature you must verify, and the stateless-auth tradeoffs (plus the mistakes that cause breaches).
Keycloak and Auth0 Don't build auth yourself: a managed identity provider (Auth0) or a self-hosted one (Keycloak) gives you login, social sign-on, MFA, and OIDC out of the box.
API & Search 3
OpenAPI and Swagger Describe your REST API once in OpenAPI, and get interactive docs, client SDKs, request validation, and contract tests for free — the API as a spec.
Elasticsearch and OpenSearch Full-text search at scale: the inverted index, analyzers and relevance scoring, and how a search engine differs from a database WHERE clause.
GraphQL Clients (Apollo) Consuming GraphQL from the front end: how Apollo Client's normalized cache, queries, and mutations change data fetching versus REST calls.
Secrets & Supply Chain 3
HashiCorp Vault Stop hardcoding secrets: Vault stores them encrypted, gates access by policy, issues short-lived dynamic credentials, and keeps an audit trail.
Artifact Registries: Docker Hub, Nexus, Artifactory Where your builds live: container and package registries that store, version, and serve your artifacts — with the proxying and access control teams rely on.
Protobuf and Avro Binary serialization with a schema: Protocol Buffers and Avro make data small and fast across services, and force you to think about schema evolution.