Contact
gophers lab letsbloom business case study

Case Study

Enhanced security & compliance platform letsbloom for better user experiences, compliance & timely delivery

Posted by

admin on 28 Nov 2023

1586
0

Singapore-based platform letsbloom helps its customers weave security and compliance into software development. The client faced several challenges, including the intuitiveness of the front-end, shortage of resources for the back-end development, long onboarding time for PoC customers, need for validation of compliance reports, and issues in the CI/CD pipeline.

letsbloom picked Gophers Lab as its development partner for our Golang & DevOps specialization and end-to-end development capabilities. Our solution helped the client overcome all the problems by improving user experience, ensuring fast & timely delivery, reducing onboarding time for PoC customers, validating compliance reports, and making the CI/CD pipeline smooth & secure.


About The Customer

letsbloom is a Singapore-based company that provides cloud-native & multi-cloud Platform-as-a-Service (PaaS). The platform helps customers in regulated industries to continuously view, manage, and validate their compliance and security posture of all cloud assets.


Customer Challenges

letsbloom had an existing platform that had many issues. The client was looking for a solution that would help them overcome the challenges below:

  • letsbloom had responsiveness, load time, and codebase complexity issues. The client wanted to revamp the front-end to enhance the user experience, simplify code, and optimize performance for cross-browser compatibility & mobile support.
  • The company sought more rapid delivery of features and services to meet the emerging customer requirements. Hence, it was looking to expedite the process by hiring more Java resources.
  • letsbloom offers their clients a Windows (VM) environment to perform their PoC, but for this, they had to set up for each person every time manually, which took at least one day, assuming everything went right.
  • The client required comprehensive infrastructure monitoring and reporting for various compliances, including CIS, MIS, and RMIT. Additionally, monitoring and alerting were being managed by a third party. Hence, letsbloom wanted test coverage after every infrastructure scan to validate the compliance reports.
  • Further, the client required a backup and disaster recovery plan to meet compliances.
  • Automatic rollbacks were not in sync every time, especially if there was only one change in configuration.
  • Having a single CI/CD pipeline for all the microservices made it hard to track which services were being deployed and when. Additionally, secrets were being exposed in the ADO pipeline letsbloom was using for CI/CD.
  • There was an issue with pods in a cluster dying as CPU and memory were not allocated.

Solution Implemented

The client chose Gophers Lab as their partner for their Golang and DevOps expertise, along with end-to-end development capabilities. We created a strategy and implemented the following solution for letsbloom:

  • Redesigned the application with a clean, visually appealing UI, intuitive navigation, and easy-to-access workspaces to enhance the overall user experience
  • Overcame data-fetching challenges by adopting React-Query for simplified data management and Axios for efficient HTTP requests
  • Created reusable components that helped bring scalability and consistency throughout the front-end
  • Designed and developed automation framework in Java and Rest Assured to automate the back-end services
  • Transitioned back-end services in Golang to the latest tools to elevate the Infrastructure as Code (IAC) capabilities, bringing the VM environment set-up time to only 15-20 mins
  • Separation of concern and moving out business-related services, like User and Venture management, to Spring Microservices from Golang services
  • Designed the regression e2e functional test cases for coverage of policy compliance validations
  • Set up e2e tests in the daily CI/CD pipeline as a health check for gaining confidence in the PR’s
  • Automated Performance Tests for running the scans, which help to reduce the throughput and 90th percentile of the business transactions per second
  • Moved the report notifications from the web and emails to a more developer and enterprise-friendly place like Slack for more transparency and visibility
  • Updated the Disaster Recovery document
  • Brought back Snyk scans into code management to find vulnerabilities in the libraries & SDKs installed and handle them in the CI/CD pipelines
  • Used Kubernetes Config Connector (KCC) and Crossplane to create infrastructure in real-time sync, meaning when the configuration is changed, it will automatically rollback the changes
  • Bifurcated the pipeline with respect to the microservices, with each service having its own pipeline for CI/CD integration
  • Utilized Azure Vault from where the pipeline can read the secrets during deployment
  • Set up alerts on emails and teams for the cloud resources
  • Allocated dedicated CPU and Memory to the pods


Technology Stack
Back-end

Spring Boot, Java, Golang

Front-end

React, React-Query, Okta, Bootstrap, Figma

Databases

ArangoDB, PostgreSQL

Cloud

Azure, AWS, GCP

DevOps

KCC, Crossplane, Terraform, ADO

Testing

Java, Selenium, Jmeter, TestNG

Tools & Frameworks

Elasticsearch Kibana, Prometheus, Grafana, Pagerduty

APIs

Terraform-cli, Temporal


Business Results

Our solution helped our client, letsbloom, achieve the following results:

  • Established a solid foundation for future scalability and consistency by creating reusable components, which made it easier to add new features and maintain a coherent look & feel across the entire platform
  • Reduced loading times and seamless data updates contribute to increased user engagement on the platform
  • Improved the response time and 90th percentile for the business transactions happening per second to 500 ms
  • Automated daily pipelines to give confidence in the developers MR/PRs for ensuring the quality gates checks
  • Increased scalability of the test coverage by automating 90% of test cases of our back-end services being used in the application, which also helps in maintaining the complaints and security
  • Onboarding of new clients of PoC environment reduced from days to minutes
  • With the allocation of resources, we ensured high availability of the resources


Share On

Tags

Back-end

DevOps

Front-end

Testing

Highlights

Created a coherent look & feel across the platform and made the front-end more intuitive & visually appealing Established a solid foundation for future scalability and consistency by creating reusable components Reduced onboarding time for new clients of PoC environment from days to minutes Improved response time & 90th percentile for the business transactions happening per sec to 500 ms Increased scalability of the test coverage by automating 90% of back-end test cases for better compliance & security

Download Case Study

Download Case Study

Please share your contact details to get your copy.

    hire dedicated resource

    Talk to Our Experts

      Get in Touch with us for a Walkthrough