Through streamlining secrets to focus on shipping more features.
Endear is on a mission to change the way the retail industry thinks about connecting with customers and driving in-store and online sales. It provides the first CRM built from the ground up for consumer brands and retailers.
"Endear's top priority for 2022 is to ensure developer productivity, code quality, and continuous security while rapidly expanding the Engineering team," highlighted Endear's CTO, JP Grace.
These priorities led the Engineering leadership to adopt a "DevSecOps" culture, as they started looking for opportunities to streamline CI/CD workflows while bringing application security considerations closer to the application development process.
As a result, Endear's Engineering team set a goal to enhance developers' productivity by focussing on automating previously manual and cumbersome tasks such as secrets management.
Grace and the leadership team firmly believe that they shouldn't do any undifferentiated heavy lifting. Instead, they leverage Cloud Functions, GCP, PubSub, Cloud Run, Cloud SQL, Vercel, and any other tool that enables them to focus on their core business innovations.
This mindset paved the way for scoping the main challenges that they wanted to knock out to streamline development and focus on what matters most: their customers.
The team was managing security through GCP and local env variables, and had developed custom scripts that worked fine until they ran into several edge cases.
As they started hiring and ramping up with more engineers and integrations, security got quite complicated to manage, so the priority was to unblock the team to operate efficiently.
While Endear didn't yet know how they were going to solve the problem, they knew that there was a zero-trust solution out there. On top of that, they were looking for a solution that also integrates well with GitHub Actions for CI/CD, Vercel for deployment, and the other tools they use for development. They also wanted a solution that was super easy to manage and covered the potential edge cases.
All secrets were stored in GCP's Secret Manager. Every time a developer needed to work on a new capability or branch, they would fetch all secrets to get an updated list, which got quite repetitive and tedious.
They also built a custom script to pull all secrets from GCP and manage which secret belonged to which repo or stage, which led to complications in how secrets were being pulled from GCP.
This script also stored secrets in local files with different versions, so whenever an update was pushed to production, the team had to test locally across different env variables, which meant working across many moving parts.
Inevitably, anytime anyone was working on a different repo, the team would run into problems getting things up and running. If a developer hadn't worked on a repo for some time while changes occurred, or if they forgot to pull the latest, the result was too many edge cases slowing them down.
Shah, one of Endear's co-founders, found Doppler and was able to get it up and running during the weekend. As soon as Shah and the team saw the benefits they were going to get from Doppler, "it made sense to immediately adopt it on top of Endear's framework. Doppler covered everything they wanted to do and they didn't need to see any other tools," noted Grace.
At the end of the day, Endear's main goal is to ensure that all engineers are empowered across the entire development lifecycle for all the projects they’re working on. A huge piece of it was security and being able to iterate on security through uncomplicated processes.
With a growing R&D team and tens of repos, there's a lot of context switching, which is where Doppler enabled Endear to eliminate the friction of getting things up and running.
"Everything is updated and whenever we run doppler we see the latest version and we don't have to think about it anymore," said Grace.