The DevOps engineer's handbook The DevOps engineer's handbook

Shadow CD

Shadow CD is where teams create custom solutions for Continuous Delivery processes. Unfortunately, The solutions cost more time in support, training, or maintenance than using a purpose-made tool.

Shadow CD in practice

Imagine you’re working in a small startup, and you start having problems reliably deploying your software.

Rather than invest money or time in a tool, someone on the team codes a quick solution that solves the initial problem. When the next problem arrives, they might add to that solution or make a new one.

The pattern repeats as more problems arise. Eventually, the team unwittingly created a cobbled-together, end-to-end deployment tool.

While that sounds like a good result, there are many reasons why it’ll hurt you in the long run.

Why Shadow CD is a problem

Because of the cobbled-together nature of what eventually becomes Shadow CD, there are many problems you could encounter.

Firstly, the created solution is born from only an immediate understanding of the problem. That alone is fine; someone on the team will understand the pain points more intimately than someone outside. It’s what comes after that will hurt you.

After all, the one that creates a custom solution will inevitably become responsible for its upkeep, which can play out in 2 ways:

  • If that person is too busy on core work, the solution will suffer. The solution will eventually impact the quality of their core work.
  • If that person focuses too much on maintaining their custom solution, they won’t have time to do their actual work.

If that same person leaves the company, others will have to take the solution’s reins, which is never as simple as it sounds. The custom deployment system might have quirks others don’t understand. It might be easy to break but hard to fix.

Why? Because there are a million ways to approach the same problem in software development. There’s no counting that a custom solution will make sense to another developer. Someone stepping in might need to spend time reverse-engineering the solution they inherited.

If multiple people created different elements of the Shadow CD solution, its upkeep becomes even more difficult.

Even if the custom solution continues to work, there are no guarantees it’s the best way for you to deploy. You might even miss out on the feedback needed to improve your pipeline.

An exception in Platform Engineering

Platform Engineering is an exception to the Shadow IT rule. Platform engineering teams provide their organization’s developers with optional solutions through an Internal Developer Platform (IDP).

The reason this works but Shadow IT and Shadow CD don’t is simple:

  • Platform Engineering has clear lines drawn about responsibilities for a solution.
  • Platform teams exist only to develop those solutions.


Any form of Shadow IT ends up being more expensive than you think and Shadow CD is no different.

Invest time or money into a good Continuous Delivery tool upfront, and you’ll save yourself a world of hurt. You can always swap it for something better when your product outgrows it.

Help us continuously improve

Please let us know if you have any feedback about this page.

Send feedback


Next article
YAML sprawl