The Shape of Your Stack #1 - Shaped with Intention

Building a platform without a portal — and why that's exactly the point.

When most teams set out to build an Internal Developer Platform (IDP), they start with the front door. A portal. A dashboard. Something flashy to make the work visible.

But one team took a very different path.

Inside a mid-sized digital product agency, a lean platform team was tasked with supporting dozens of cloud-native projects across multiple clients. Rather than adopt someone else’s shape, or stand up a tool like Backstage out of the gate, they made a more intentional decision:

Start with the workflows. Not the UI.

No portal. No internal homepage. Just GitHub, score.yaml, and the developer’s terminal.

A Platform Built in the Open

Their guiding philosophy was clear from the beginning: build a platform that feels native to how developers already work.

Instead of driving traffic to yet another tool, the team leaned on GitHub Actions for CI/CD and standardized infrastructure provisioning through Terraform and Helmfile modules. Secrets are centrally managed via Doppler and AWS Secrets Manager, with automation handling injection at runtime.

Developers define their services using score.yaml, which becomes the contract between the team and the platform. From that declaration, the platform provisions environments, applies policies, and integrates with deployment workflows, all through code.

The result? No golden path wizard. No custom UI. Just clean pipelines, solid defaults, and opinionated templates that live alongside the app.

Fewer Tools. More Trust.

This platform doesn’t enforce workflows, it enables them. There are sensible opinions, yes, but no hard edges. Developers are free to adjust templates, use what they need, and ignore what they don’t.

That freedom doesn’t come at the cost of safety. Kyverno policies ensure consistency and guardrails at the cluster level. Score.yaml declarations enforce structure without rigidity. Secrets are invisible but traceable. And because everything happens through GitHub and PR workflows, developers always stay in the loop.

It’s not about locking things down. It’s about scaling trust.

What Works (and What Doesn’t)

The approach has its strengths. Teams onboard quickly because they don’t need to learn a new interface. They just work where they always do in GitHub. There’s no portal to log into, no tickets to open, no surprise YAML structures hiding behind a UI.

And yet, some friction remains. Developers unfamiliar with score.yaml can find it unintuitive. Multi-environment orchestration still relies on manual Terraform invocations, which the team hopes to streamline over time. And while skipping the UI kept the platform lean, it also left some devs wishing for more visibility into what’s happening behind the scenes.

But those tradeoffs were intentional. This is a team that chose transparency over polish, flexibility over control. And in doing so, they built a developer experience that feels light, efficient, and, most importantly, respectful.

The Shape That Matters

If you looked only at the tools, this platform might seem unremarkable:

CI/CD -> GitHub Actions
Secrets -> AWS Secrets Manager + Doppler
Infra -> GKE, EKS (client choice)
Governance -> Kyverno, Score.yaml
UX Layer -> CLI + GitHub workflows
Orchestration -> Terraform + Helmfile

But it’s not the stack that matters. It’s the shape it creates.

This platform lives in pull requests and configuration files, not in dashboards. It invites developers to move fast, but guides them with infrastructure-as-code and policy-as-code, not bureaucracy. It gets out of the way, and in doing so, gives developers more confidence, not less.

This isn’t a frictionless platform. But it’s a well-shaped one. And that makes all the difference.

Platforms don't need to be flashy to be effective. They just need to respect the developer.

Want the Visual Breakdown?

Subscribe to StackShapes.dev and get the visual version of this stack, plus future installments in your inbox.