Runbooks & Evidence
Download the same templates, checklists, and playbooks I use to operate automation systems: CI/CD, cloud delivery, QA strategy, reliability, and security.
Strategy + plan templates built around scope, environments, risk, and entry/exit criteria.
Operational checklists for regression, API, and visual testing that reduce missed edge cases.
OWASP-focused checklist + release sign-off to communicate risk clearly.
Download Library
Showing 27 of 27 artifacts.
Playbooks
Interview Demo Script: Quality Dashboard + AWS Telemetry
30-second pitch + 5-minute walkthrough + common Q&A for demoing the flagship dashboard and AWS telemetry proof.
QA Playbook (1-page)
A concise, recruiter-friendly overview of how I approach quality (risk, automation, CI, reporting).
Flaky Test Triage Playbook
A repeatable workflow for diagnosing and stabilizing flaky tests (signals, classification, fixes, prevention).
Incident Triage Playbook (Ops-First)
A practical incident workflow: stabilize, restore, root-cause, and prevent recurrence. Written for on-call reality.
Cost Spike Triage Playbook (AWS)
How I investigate sudden AWS spend: Cost Explorer → service metrics → containment → prevention (budgets + guardrails).
Recruiter Pack (ZIP)
One-click download: QA playbook + filled strategy/plan/signoff + sample bug report.
Templates
Test Strategy (Template)
A scalable, risk-based test strategy template you can adapt for teams, products, and platforms.
Test Plan (Template)
A practical test plan template with scope, environments, entry/exit criteria, and reporting.
Risk-Based Test Matrix (Template)
Risk scoring model + mapping from risk to test depth and automation priority.
Traceability Matrix (Template)
Requirements → test cases → automation coverage tracking with execution status.
Bug Report Template (High Signal)
A bug report format optimized for fast triage and reproducibility (steps, expected, actual, evidence).
Release Sign-off (Template)
A release sign-off doc: risk summary, coverage summary, known issues, go/no-go criteria.
Checklists
Regression Checklist (Template)
Reusable regression checklist structure (smoke + critical paths + data integrity + monitoring).
API Testing Checklist
Coverage checklist for REST APIs: contracts, auth, rate limiting, negative tests, pagination, idempotency.
Security Testing Checklist (OWASP-focused)
Practical security coverage checklist aligned to OWASP Top 10 + API security basics.
Visual Testing Checklist
Visual regression + responsive + cross-browser checklist, including strategies to reduce diff noise.
Examples
Flagship Blueprint: Multi-tenant Reliability + Automation Platform
Recruiter-readable spec for the next flagship cloud/platform system: multi-tenant, async processing, SLOs, alerts, cost guardrails, and security receipts.
Security Evidence: WAF Rate Limiting (429) + Attack Simulation
Proof that edge rate limiting is configured and testable: a scripted attack simulation plus evidence capture.
Ops Evidence: SLOs + Incident Drill Report (Quality Dashboard)
Postmortem-style incident drill report + SLO/SLI framing for the AWS-backed quality telemetry system.
Evidence: AWS Telemetry S3 latest.json (metadata)
Proof that Cloud mode is backed by a real S3 object (retention, encryption, versioning, content-type).
Evidence: AWS Telemetry DynamoDB table (PAY_PER_REQUEST)
Proof of DynamoDB indexing layer for metrics (on-demand billing, schema, table ARN).
Evidence: GitHub OIDC trust policy (no long-lived AWS keys)
Proof of GitHub Actions → AWS OIDC federation trust policy for the telemetry writer role.
Evidence: Telemetry Proxy API routes (API Gateway)
Proof that the AWS proxy API exposes GET /metrics/latest for the portfolio Cloud mode (no AWS creds in Vercel).
Example: High-signal Bug Report (Filled)
A filled example showing the level of detail I aim for (evidence links, impact, environment, logs).
Test Strategy (Filled Example)
A fully filled strategy for a realistic retail/eCommerce app (scope, risks, coverage, CI gates).
Test Plan (Filled Example)
A filled release test plan (scope, approach, data, entry/exit criteria, risks).
Release Sign-off (Filled Example)
A filled sign-off: coverage summary, known issues, residual risk, and GO/NO-GO decision.
Evidence Gallery
Recruiter-friendly proof that these artifacts connect to real automation outputs: reports, CI runs, and example scan results.
WAF Rate Limiting Evidence (429)
Evidence capture showing WAF rate limiting in action (attack simulation triggers non-200 responses and subsequent 429).
Incident Drill Report (postmortem-style)
Recruiter-friendly incident drill write-up showing operational mindset: detect → triage → mitigate → verify → follow-ups.
AWS CloudWatch Dashboard (qa-portfolio-prod-api)
Exported CloudWatch dashboard JSON showing Lambda errors/invocations, p95 duration, and API Gateway access-log query widgets.
AWS CloudWatch Alarms (Lambda errors + duration p95)
Alarm configuration export proving operational monitoring: errors alarm + p95 duration alarm.
AWS API Gateway Routes (prod)
API Gateway route listing export showing /metrics/latest is deployed and reachable (token-protected).
AWS S3 Object Metadata (latest.json)
S3 head-object output proving encryption, size, versioning, and retention for the latest metrics snapshot.
AWS IAM Role Trust Policy (GitHub OIDC writer)
IAM role export proving GitHub Actions uses OIDC federation (no long-lived AWS keys) for writing metrics.
Playwright UI Report (HTML)
Screenshot from a UI smoke run showing the kind of output I use for debugging (screenshots, traces, failures).
Allure Report (BDD)
Allure evidence-first reporting from the BDD framework (attachments on failure).
Lighthouse CI Results
Lighthouse CI report output for key pages (performance, a11y, best practices, SEO).
Security Scan Output
Security scan output example (secrets + OWASP checks) used as evidence in the security suite.