Hey folks! Also a SWE turned Platform Engineer here. I'm working remotely for a company in the energy / analytics space and this is a new role for me. Looking to learn from and share with the community to figure out what tech and best practices we can leverage to build a seamless and secure platform experience for our org. So far we've been working on self-serve tooling with terraform/github, auth/security improvements and laying groundwork for a migration from Heroku to GKE sometime next year 🙂

Hey James 👋 welcome and it's a good thing to migrate out of Heroku if your team need to :)

Exciting stuff James! Good on you. Share some updates from the journey?

@Freja sorry for the slow response but I will be glad to share some updates! There has been some success early on moving resources associated with github, iam, storage etc. into terraform. One of the big wins thus far has been starting to allow teams to make pull requests against git repos that contain the terraform for managing those resources. That's all being done through a set of custom modules that wrap existing modules but enforce certain invariants / policies that act as guard rails. I've been less involved in the IAM part but it has been very cool to see take shape. I'm personally more involved in the planning and tool selection for updates to our stack as well as understanding our needs for GKE (particularly w/r/t our more resource intensive analytics workloads). We've been using skaffold+kustomize+cloudbuild successfully on a few small projects so far and people seem happy with the developer experience. Still weighing cloud deploy vs. some of the other options as well.