Don't get me wrong, I really like the stuff you guys are doing, but I think 18F and the rest of the Gov operate in two different realms of bureaucracy and feasibility. Your management is on board with this stuff, while for the rest of the Devs in the government it's an uphill battle from the bottom.
There is still a large gap between software that is on the approved list and the stuff you use, but as I am sure we both know, there are waivers and blind eyes for that. If someone really wants it, it will happen.
You guys are paving the way with your tools and process. But, please be careful, one serious security breach and it's kaput. For example; the incident with slack. I know it was trivial and people chose to blow it out of proportion, but regardless, it will now be harder for me to get slack approved for our team.
https://pages.18f.gov/before-you-ship/
And there's a GitHub repo with an issue tracker that would make for better conversation capturing than HN:
https://github.com/18f/before-you-ship