How engineers, designers, data scientists and product managers are working to deliver value to customers of Coop in Norway.
Remark: Even though flutter has been the featured framework here, the same solution can easily be recreated in other technologies as there is absolutely no language- or framework-specific code.
Coop Norge SA uses Terraform heavily to manage cloud resources as infrastructure as code. Some of the created cloud resources also creates a set of credentials, required to access these resources. If the credentials should be distributed to a team inside Coop, they can be distributed directly to a secure key vault in the cloud, but if they need to be distributed to an external party (such as one of Coop's partners), another secure way must be used. Coop Norge SA opted to share secrets by encrypting files containing the secrets with asymmetric cryptographic keys, using Pretty Good Privacy (PGP).
Coop Norge SA believes in using infrastructure as code to manage cloud resources. This means storing everything in git repositories, which gives engineers a structured view of their resources, an audit log through commit history, and the ability to automate validation from the start and ongoing. This also includes how GitHub repositories are created.