Ecosystem

The open-source tools and infrastructure that power the platform.

Cloud

The cloud provider powering all platform infrastructure — GCP projects, networking, IAM, KMS, and billing.

The open-source IaC engine used across every layer of the platform — from GCP projects to Kubernetes manifests.

Managed Kubernetes clusters across multiple zones and regions with Workload Identity, KMS encryption, and GKE Fleet.

Package manager for Kubernetes used to deploy Istio, cert-manager, and other cluster add-ons.

Service mesh providing mTLS, traffic management, locality-based load balancing, and Cloud Armor WAF integration.

Automates TLS certificate lifecycle management on GKE — no manual renewal, no expiry surprises.

Enforces admission policies cluster-wide using Open Policy Agent — preventing non-compliant resources from being deployed.

Unified observability — logs, metrics, APM, synthetic monitoring, CSPM, application security, and cloud cost management.

Open-source secrets management platform — dynamic credentials, PKI certificate issuance, and short-lived secrets for all teams.

Fast, template-based vulnerability scanner used for scheduled security scanning of platform endpoints and APIs.

All 151 deployment pipelines run on a single reusable called workflow — consistent, auditable, and secure via OIDC.

Automated dependency updates across all repositories — keeping modules, providers, and Actions pinned to current versions.

Enforces formatting, validation, documentation generation, and security checks before every commit.

Used to containerize platform applications and build standardized development environments. Container images are pushed to Google Artifact Registry.

AI-assisted development across the platform — team-level agents automate module scaffolding, repo creation, and PR workflows.

Powers the platform documentation site — open-source, React-based, and deployed via GitHub Pages.