Hacker News new | past | comments | ask | show | jobs | submit login
Launch HN: Gold Fig (YC S19) – Version Control for Settings Pages
127 points by vikrum 74 days ago | hide | past | web | favorite | 19 comments
Ahoy HN! We’re Greg and Vikrum, co-founders of Gold Fig.

Gold Fig is a tool that automatically creates a shared log of configuration changes to the SaaS tools you use. Modern applications are built atop a menagerie of these tools. Services like Stripe, SendGrid, Zapier, Segment, Twilio, Sentry, Travis, GSuite, domain registrars, CDNs, or even internal dashboards can directly affect your production and corporate environments, yet their configuration is not tracked with anything near the same fidelity as source code.

Mistakes occur when people make config changes without proper context. Depending on which service was impacted this can result in outage, loss of revenue, or reputational harm. It’s usually the thing that broke in a subtle way for some extended period of time that bites the worst. Moreover, when an incident does occur, the respondent often also has limited context about changes made, leading to longer resolution times and possibly even further misconfiguration as previous configuration was lost. As an example, we've personally experienced this pain when managing the CDNs fronting core services. We had to synchronize changes across our Fastly configurations, DNS records, and origin servers, with no single source of truth to guide us. Any mistake could result in downtime.

Some teams attempt to address this lack of context by putting one person in charge of doing all of the configuration for a service provider, leading to development bottlenecks. Other teams attempt to manually track these updates in a text file, email threads, or in their team chat. With Gold Fig, we want teams to be able to confidently share the management of their SaaS tools. Team members should have access to the full context behind all of the configurations they manage, and should be able to easily keep themselves up to date as they evolve. Gold Fig lives alongside automation tools like Terraform and Cloudformation, allowing you to plug the gaps that those tools can’t cover.

Our initial product is a browser extension that automatically launches on settings pages of SaaS tools. When you make a change on these sites, the extension gives you the opportunity to also provide a commit message, similar to how you would with a code check-in. Now you have a record of some button clicks that impacted your environment. The change has a permanent URL so you can look it up later if you forgot what you did, use it to help you move settings from staging to prod, or have others review the changes that were made. Now that Gold Fig has captured what changed, when, and why, you’ll never get stuck in a situation where only one person knows exactly how something was configured. A byproduct of Gold Fig is that you now have a foothold into being able to undo these types of changes. We envision Gold Fig being part of all devops team’s way of surfacing and tracking changes. In the future we’ll be able to empower teams to do pull-request like approvals, show context before a change is about to occur, and provide more awareness to those responding production incidents.

Our extension is able to capture payloads while being generally agnostic of the site itself. We’ll capture changes even if we haven’t seen the site before or if something has changed from the previous time we encountered it. For common sites like AWS or GCP we capture additional rich context like the product being impacted, the region/zone, and project name. We also aim to work on sites we don’t have access to like internal dashboards teams have built to manage customers, environments, or settings.

We’d love to hear your experience with settings pages and SaaS configs. We’ll be here listening to your feedback, answering your questions, and happy to field any feature requests for Gold Fig you may have. You can give it a whirl here: https://app.goldfiglabs.com/ Thank you!

Greg & Vikrum - hello@goldfiglabs.com




The Gold Fig founders know what they're talking about here. Vikrum ran devops for Firebase from the first server in 2011 up to millions of users after the Google acquisition. Greg was the TL for the Firebase Realtime Database, our flagship product that powers a huge number of apps. They're experts, not only because of what they learned building Firebase, but also because they got insight into how our big customers ran their services and teams.

Vikrum actually built a browser plugin at Firebase that was simple but incredibly useful. It color-coded cloud settings pages for different environments (prod, staging, dev) to prevent someone from accidentally changing the config in prod when they didn't mean to. We required the whole Firebase team to use it, and it honestly saved us from multiple downtime incidents.

If you're managing a service, I really suggest you try Gold Fig out. You can get the benefit of everything that Greg and Vikrum have learned (painfully from years of real experience) about how to run services and be safe with your config!

(I'm one of the Firebase founders)


Thanks for the kind words, Andrew!


... A browser extension that automatically launches on settings pages of SaaS tools. When you make a change on these sites, the extension gives you the opportunity to also provide a commit message, similar to how you would with a code check-in. Now you have a record of some button clicks that impacted your environment. The change has a permanent URL so you can look it up later if you forgot what you did, use it to help you move settings from staging to prod, or have others review the changes that were made. ... Our extension is able to capture payloads while being generally agnostic of the site itself. We’ll capture changes even if we haven’t seen the site before or if something has changed from the previous time we encountered it.

This sounds amazing, would have definitely made my life easier on many projects ... looking forward to checking it out!

Oh, and one thing to add if you haven’t already is the ability to whitelist which domains the extension is active on for privacy purposes.


Thanks, and good suggestion!

I put together a gist with the currently supported services: https://gist.github.com/gsoltis/302b3e60d385854a9a5158d0c071...


This is a space where I really prefer Infrastructure as Code/configuration as code. Something like Terraform for instance.

Once the complex configuration is represented in code, we can take full advantage of the tools we already use to manage code, like version control, diffing, pull requests, issue tracking, etc.


For sure! Infrastructure as Code is great. However, there are plenty of instances where services you depend on cannot be configured with Terraform. Additionally, we have found that there are lots of companies who have a wide variety of setups across all of their teams (internal dashboards, engineering teams that are not focused on infrastructure, etc.). Some teams may be fully automated, while others are not. For some, it just isn't a priority. We hope that Gold Fig will work for them. We think that being able to represent the changes in the way that they are already used to making them will provide a stepping stone towards automating more of their setup.


Congrats on launching a great idea! This is super useful because not every configuration can be modeled with Terraform/CloudFormation or such.

Are you planning to add the ability to revert a configuration? I realize it’s not always possible but might be useful for simple situations where a toggle was flipped.


Yup, that is definitely on the roadmap! You're right that it won't always be possible, but for many of the more popular tools, it can be done.


Love the idea! It always made me nervous when I was given access to other teams tools with the ability to inadvertently break them.

It sounds like for now you could still end up with out-of-band changes because you can’t force folks to use a browser extension before twiddling switches on a confit page. What’s your long term vision for tackling that aspect of the problem?


Agreed that the surface area around the out-of-band changes is a concern. We find that educating our users around getting the extension installed team wide is the primary approach by way of policy (in GSuite orgs, you can install extensions team wide) or training (on-boarding docs/new hire orientation). Just as with source control we can commit straight to the main branch, it's through policy/training that we do things like mandatory pull-requests/reviews to not "allow" that. Long term we envision Gold Fig plugging in to your projects as a read-only member to pick up any other out-of-band changes.


That’s actually very clever. There are even some services where you have to manually update the settings per user, which is no fun for anybody. A way to eventually consolidate all our saas config would be ace.


That is what we're aiming at. We're starting by capturing deltas, but we'll eventually be able to backfill the entire existing configuration, whether it has changed or not. That can then live alongside the configuration for your other services. This is where you get a lot of power: you'll be able to write tests or constraints across different services, for instance requiring DNS settings include ownership markers for your GSuite domain.


Congrats on your launch! This sounds super cool. It's interesting to see all of these services that are productizing very specific parts of the development and deployment stack.


Thank you! We are definitely looking at what else is happening in the space with companies like Pachyderm (https://pachyderm.io/) and DVC (https://dvc.org/features). We're also starting to see the development model starting to make its way in to more and more consumer apps as well (Think "document history" in things like Google Docs). Our view is that as more and more of these services specialize the analogous "Version Control for X" is inevitable.


best of luck with this, sounds like a great idea... there are always new improvements to be made to processes and you just found a great one.


Thank you! Are there other examples of new improvements to the development process you've come across? Currently we're positioning Gold Fig to live alongside source control and IaaS. However, we feel there's a huge opportunity to bring the same level of rigor that "version control" encodes to all the (traditionally) non-technical SaaS, enrich existing process (e.g. Gold Fig's log can add more color to your PagerDuty alerts), etc.


What if one of my coworkers does not have the browser extension?


Have your IT team enforce it? If you don't have centralized management of your computers then you're probably small enough to go around to everybody and say, "install this".


Currently, any changes made without the extension won't be tracked. For some services, we will eventually be able to capture the delta anyways, if they have API access to their own configuration. This, however, is still sub-optimal because you lose out on the commit message and the opportunity to capture the intent behind the change at the time that it's being made.

Our hope is that much like policies around code review, where often you can commit to master, but by policy you don't and request a review first, your coworkers will see the value in everyone contributing so that everyone is kept aware and the log is maintained.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: