(Not) the Tao of Cloudsmith

Back in 2016, when Cloudsmith was just getting started and we were thinking about how to build not just a platform but a business, we looked to companies and tools that we admired and wanted to be like: E.g., Hashicorp, with its Tao, and Python, with its Zen. Those ideas stuck with us, a simple set of values shaping how we build, think, and work.

So we came up with our own: the Tao of Cloudsmith. It is a nod to Hashicorp, but only in name. It captures ideas like Automate Everything, Collective Ownership, and Cloud Capabilities, intended to shape our thinking and help us avoid all the fallacies we'd seen in companies before. Yes, we were a little naive, but they worked, and it created Cloudsmith.

Fast-forward to 2025. Most of those still hold up. We reference them often. Some are less sticky, sure. But they're still part of the story. Still, as a thought experiment, what if we rewrote the Tao today? For today's world? As a way to think it through.

We've learned a lot in nine years. Teams are bigger. Threats are weirder. Expectations are higher. What worked in 2016 has to hold up in a very different world now, across scale, speed, and stakes. So it's worth asking: Which ideas are still sharp? Which ones have dulled?

Here's what I'd pick today. These are 100% Tao-influenced, and I don't doubt some will resonate with you. Feel free to beg, borrow, or steal. Or write your own. That's the point. But for 5 minutes, I'm going to pretend the Tao didn't exist (ahem, the oldies are still goldies).

Here we go, this is "not the Tao of Cloudsmith", but they're still a durable truth:

1. Secure by Default: Supply chain attacks are real and rising. Most orgs aren't prepared. By making the secure path the default, you remove decision fatigue and reduce risk without slowing teams down.
2. Performance is a Feature: Speed is trust. If it's fast, people keep using it. If it's slow, they route around it. You can have the best functionality in the world, but it's dead weight if it crawls.
3. Reliability is Table Stakes: This is infrastructure. It has to be up. Downtime breaks builds, blocks deploys, and burns trust. Five nines isn't a vanity metric. It's the bar when you're in the path of production.
4. Don't Make Me Think: Simplicity over complexity. Complexity slows teams, increases bugs, and makes onboarding hard. A simpler system is easier to reason about, operate, and scale.
5. Consistency Everywhere: Inconsistency makes systems unpredictable. That kills confidence. Whether it's UI, API, error messages, or logs, consistency builds intuition, which builds speed.
6. Build for Humans: Engineers are your users. They want power, yes, but also clarity and flow. Good DX means fewer support tickets, faster adoption, and happier teams.
7. Automate the Boring: Humans are "not good" at repetitive tasks. They're error-prone, slow, and get bored easily. Automation gives you speed, scale, and reliability. Focus the human brain on problems worth solving.
8. Transparency Builds Trust: People will forgive honest mistakes. They won't forgive silence or misdirection. Openness with customers and inside the company helps everyone work better together.
9. Own It End to End: Shifting responsibility breaks accountability. If you build it, you run it. If you ship it, you support it. Ownership sharpens quality.
10. Optimize for Flow, Not Control: Command-and-control slows innovation. Flow keeps teams moving and learning fast. This applies to product, ops, and even org design. Build systems that help smart people do their best work.
11. Be Boring Internally, Weird Externally (!): Internally, prefer battle-tested tech and stable systems. Externally, differentiate boldly. Your customers should see innovation, with clear product/market fit, not your internal chaos.
12. Be Boring Externally, Weird Internally (!!): To your customers, paradoxically, critical infrastructure should feel boring. Everything should just work; the principle of least surprise. That shouldn’t stop you experimenting behind the scenes.
13. Default to Collaboration: No single team has all the context. Good ideas come from anywhere. Cross-functional work avoids silos and leads to better design, faster shipping, and tighter feedback loops.
14. Iterate with Intent: Ship fast, but not randomly. Intentional iteration means learning quickly while staying aligned with strategy; velocity with direction.
15. Everything is an Artifact: Not just code, or binaries, but containers, configs, docs, policies, models, signatures, graphs, etc. If it runs or informs production, treat it like an artifact: version, secure, and track it.
16. The Platform is the Product: The product isn't just what customers see. It's a pipeline of features, systems, support, docs, and uptime. Treat everything you build and run as part of the product experience. And also, the product is the platform, too.

Gosh. 16 (was: 15) is a lot, right?

It's a good thing this is just an experiment. I'd have difficulty picking a top three; I've found myself saying all of these over the years, and I'll keep telling them. I said the last one about the Platform being the Product just yesterday. See: They endure, or maybe I'm just repetitive. :)

Aren’t values just write-once-read-many? Maybe. Like computer code, even good values don't exist in a vacuum; they degrade over time because the world changes around them. So maybe the point is that we should revisit them over time and remind ourselves why.

But do we even need to codify values? Maybe. Perhaps they're just good advice. My dad used to say wisdom is earned, not given. This is me just passing it on. If you need to read to know how to write, and write to know how to think, then this is my small token offering to help.

And that's a wrap; I hope you enjoyed the read. Do you have your own version of a Tao, suggestions for values, or just old-fashioned damn good advice? I'd love to hear it.