Mercurial-Driven IaC Drift Detection: Catching Infrastructure Mismatches Before They Break Production

The commit looked clean, but production was already different. That’s the danger — when infrastructure as code and reality stop matching, you lose control.

Drift detection is the act of catching those changes before they spread. Instead of relying on manual checks or delayed audits, you scan live state against your versioned config. Mercurial, known for its lightweight branching and speed, can track revisions with precision. When paired with IaC drift detection, it becomes more than a VCS — it becomes a watchdog.

In practice, you keep your infrastructure definition in Mercurial. Every push or merge triggers a drift check against the actual resources in cloud or datacenter. The process compares Terraform states, Kubernetes manifests, or raw API responses to the committed files. If a developer made a change directly in the environment without updating the repo, drift detection flags it instantly.

The power lies in automation. Mercurial hooks can run drift checks at commit time or in CI pipelines. Combined with IaC scanning tools, this creates a zero-trust feedback loop: no configuration change is accepted until it passes both code review and drift review. The result is a live guarantee that production matches your declared state.
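A sketch of the comparison step such a hook could run, added here as an example and not taken from hoop.dev or Mercurial itself. The script name, the hgrc wiring, and the declared and live resource data are constructed assumptions; a real check would load the committed files and query the provider API.

```python
import sys
# Assumed hgrc wiring (hypothetical file name): pretxnchangegroup.drift = python3 drift_check.py
# Constructed sample data, not real resources: DECLARED = committed config,
# LIVE = what a provider API reports.
DECLARED = {
    "sg-web": {"ingress": [{"port": 443, "cidr": "10.0.0.0/8"}], "tags": {"env": "prod"}},
    "bucket-logs": {"acl": "private", "versioning": True},
}
LIVE = {
    "sg-web": {"ingress": [{"port": 443, "cidr": "0.0.0.0/0"}], "tags": {"env": "prod"}},
    "bucket-logs": {"acl": "private", "versioning": True},
    "sg-debug": {"ingress": [{"port": 22, "cidr": "0.0.0.0/0"}]},
}
ABSENT = "<absent>"

def flatten(value, prefix=""):
    """Flatten nested dicts/lists into {dotted.path: leaf}."""
    if not isinstance(value, (dict, list)):
        return {prefix: value}
    items = value.items() if isinstance(value, dict) else enumerate(value)
    flat = {}
    for key, child in items:
        flat.update(flatten(child, f"{prefix}.{key}" if prefix else str(key)))
    return flat

def find_drift(declared, live):
    """Return sorted (resource, attribute, declared, live) mismatches."""
    findings = []
    for name in sorted(set(declared) | set(live)):
        if name not in live:
            findings.append((name, "*", "declared", ABSENT))
        elif name not in declared:
            findings.append((name, "*", ABSENT, "unmanaged"))
        else:
            want, have = flatten(declared[name]), flatten(live[name])
            for path in sorted(set(want) | set(have)):
                a, b = want.get(path, ABSENT), have.get(path, ABSENT)
                if a != b:
                    findings.append((name, path, a, b))
    return findings

def hook_status(findings):
    """Non-zero exit makes a pre*/pretxn* Mercurial hook reject the change."""
    return 1 if findings else 0

if __name__ == "__main__":
    for finding in find_drift(DECLARED, LIVE):
        print("DRIFT resource=%s attr=%s declared=%r live=%r" % finding)
    sys.exit(hook_status(find_drift(DECLARED, LIVE)))
```

On the sample data it reports the widened ingress CIDR on `sg-web` and the undeclared `sg-debug` resource, and exits non-zero so the incoming changegroup is rolled back.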

Why choose Mercurial over other source control? For teams working with large IaC files and frequent merges, Mercurial’s branch isolation and fast diffing can shorten detection cycles. The shorter the cycle, the smaller the window for risky drift.

Drift is silent until something fails. With Mercurial-driven IaC drift detection, silence breaks immediately, and you see exactly where and why. This speed is the difference between catching a config mismatch in minutes or discovering it during an outage.

Don’t just read about it—run it. Visit hoop.dev and set up IaC drift detection with Mercurial in minutes. See it live before your next deploy.
