Infrastructure as Code (IaC) & platform
Terraform, OpenTofu, Crossplane, Kubernetes (K8s), and Cloudflare Edge Network—with review, scanning, and promotion across environments.
Development, Security, and Operations (DevSecOps) Tooling
PT Cloud Platform Indonesia (PT CPI) operationalizes modern Development, Security, and Operations (DevSecOps)—not scanning licenses alone, but consistent delivery patterns from infrastructure through applications.
Stack we emphasize
Section titled “Stack we emphasize”Git-based Operations (GitOps)
Argo CD and Flux CD for declarative deployment, drift detection, and progressive delivery in clusters.
Secure Software Development Life Cycle (SDLC)
Snyk, GitLab, and GitHub—Static Application Security Testing (SAST), Software Composition Analysis (SCA), container/Infrastructure as Code (IaC) scanning, policy gates, Software Bill of Materials (SBOM), and audit trail on pull requests.
Modern applications
Go, Rust, TypeScript + Effect; Astro, SolidJS, Huma + Chi, Axum, Hono, Elysia frameworks; Bun runtime; Redis, PostgreSQL, Typesense data layer.
Patterns we apply
Section titled “Patterns we apply”- Infrastructure as code with Continuous Integration (CI) gates—Terraform/OpenTofu/Crossplane does not merge without review and scan
- Git-based Operations (GitOps) as single source of truth for workloads on Kubernetes (K8s)
- Security checks on pull requests (shift-left), not only in production
- Observability (metrics, logs, traces) as part of definition of done