Quiz: Chapter 01 (Guardrails Before Speed)

Questions

1. Why is bundling image and ingress changes in one push risky during incident pressure?

2. What does scripts/guard-kube-context.sh protect against?

3. Which statement is correct?

• A) Context checks are optional in develop.
• B) Context checks reduce wrong-cluster/wrong-namespace writes.
• C) Context checks slow work and add no safety value.

4. Why should Terraform apply be gated by a reviewed plan artifact?

5. What is the safest rollback order when both app and ingress were changed?

6. Which command is a Kubernetes deployment rollback?

• A) kubectl -n develop rollout undo deployment/backend
• B) kubectl delete ns develop
• C) terraform destroy

7. Why is “one change type per PR” a guardrail?

8. If guard-terraform-plan.sh apply fails due to stale/missing metadata, what is the correct next action?

9. Which local hooks directly support this chapter’s guardrails?

10. Complete the principle:

• A) AI decides, human executes.
• B) AI proposes, human decides.
• C) AI auto-applies in non-production.

Answer Key (Short)

1. It creates correlated failure modes and slows triage/rollback.
2. Wrong context or namespace writes.
3. B
4. It ensures apply uses reviewed, explicit changes and prevents blind mutation.
5. Separate rollback by change type, verify health after each, then reconcile via GitOps.
6. A
7. It reduces blast radius and keeps root-cause attribution clear.
8. Regenerate and review a fresh plan, then re-run guarded apply.
9. pre-commit-master-check, prevent-amend-after-push, and flux-kustomize-validate.
10. B