Beyond the Platform Façade: Escaping the Portals and Pipelines Trap

Daniel Bryant
Jul 29
6 min read

Updated: Sep 26

As platform engineering and building internal developer platforms become a strategic priority across enterprises, many teams reach for familiar tools: developer portals, workflow engines, and CI/CD pipelines. These are well-understood, battle-tested technologies. Together, they appear to offer a compelling way to build a self-service platform.

But looks can be deceiving.

We frequently see teams fall into what we call the “portals and pipelines” antipattern: stitching together a workflow engine or CI pipeline with a developer portal and assuming the job is done. You’ve got automation. You’ve got a UI. What more could you need?

In reality, this setup creates a veneer or façade of platform maturity, while masking a growing burden of complexity, duplication, and fragility underneath. Ultimately, this leads to platform decay.

Pipelines and Workflow Engines Aren’t Platforms

Whether you’re using a workflow engine such as Argo Workflows, Temporal, or SonataFlow, or a CI/CD pipeline like GitHub Actions, GitLab CI/CD, or Jenkins, these tools automate sequences of steps. They’re excellent at deployment logic, retries, conditional paths, and parallelism. But they don’t manage the state of a system. They don’t enforce business processes and policies. They don’t track ownership or govern lifecycle events across time and teams.

They are fundamentally transient, not persistent. This inevitably leads to drift across the organisation. Drift of application (and dependency) upgrades, drift of policy and compliance, and drift of infrastructure configuration.

For example, a pipeline can deploy a Java application and a PostgreSQL instance. But it won’t upgrade it, audit it, ensure it's compliant, or clean it up when unused. It’s a one-and-done job. Any management after that point? You’ll either get overwhelmed by a sea of individual task pipelines or be left on your own.

Developer Portals: The Frontend Façade

Portals like Backstage, Port, and OpsLevel improve discoverability and offer a user-friendly interface to workflows and templates. But without a powerful platform behind the scenes, they’re little more than well-skinned control panels for fragile automation.

Clicking a button in a portal may trigger a workflow that executes a script to create a service. But what happens after the click?

Is the service compliant with current policy?
Can it be upgraded without breaking things?
Who owns it now?

Without answers to these questions, your portal isn’t enabling self-service. It’s enabling self-sabotage.

The “Puppy for Christmas” Problem

One of the most insidious outcomes of the Platform Facade is what we call the “Puppy for Christmas” problem. It’s a common scenario: a developer clicks a button in a portal or triggers a pipeline, and moments later, a new database, message queue, or environment is provisioned. Success!

But what happens next?

In many cases, nothing. There’s no upgrade path. No automated deprecation. No lifecycle guarantees. No clear operational contract. The developer now owns that component, regardless of whether they understand it, want to operate it, or are even equipped to do so.

This is the essence of “you clicked it, now you own it.”

At first glance, it might look like empowerment: developers can self-serve infrastructure, spin up environments, and unblock themselves. But in practice, this is often a transfer of responsibility without support. And that’s not empowerment, it’s often abandonment.

Over time, this creates a slow burn of operational complexity:

Orphaned resources accumulate, deployed but no longer used, yet still costing money or posing a risk.
Misconfigured services drift from policy compliance, with no central reconciliation to bring them back into line.
Developers become accidental operators, burdened with debugging issues in systems they didn’t choose and don’t fully control.
Platform teams are overloaded with support requests, often related to one-off workflows they can’t easily track or upgrade.

The original intent, enabling developer self-service, gets lost. What was meant to remove friction ends up creating toil.

This pattern also creates deep misalignment between user expectations and platform capabilities. Developers assume that by clicking a button, they’re getting something fully managed. In reality, they’re getting a raw component, provisioned by automation but orphaned from platform lifecycle governance.

And this leads to a loss of trust. Developers stop using the portal. Teams build shadow platforms. The platform team is left trying to retrofit orchestration into a mess of pipelines and ad-hoc scripts.

To avoid this, platforms must embed ownership models, lifecycle guarantees, and governance into the self-service experience. Provisioning should be just the beginning—not the end—of the platform’s responsibilities.

Self-service without orchestration is like giving someone a puppy without a care plan. It might be fun at first. But eventually, someone is cleaning up the mess.

From Platform Automation to Platform Orchestration

To avoid this trap, teams must evolve from platform automation to orchestration.

What’s the difference?

Platform Pillar	Automation (Portals + Pipelines)	Orchestration (Platform as a Product)
Speed	Short-term focus: Fast to build and demo; quick paths for initial delivery, but hard to maintain pace with growing maintenance costs.	Balanced focus: Fast creation on Day 1 and safe, repeatable, sustainable delivery on Day 2 and beyond
Safety	Scattered: Policy checks are inconsistently applied and fragmented across tools/systems	Shared governance: Enforces policy and compliance where expertise lies, with automated drift detection
Efficiency	Pipeline-focused: Teams duplicate logic in scripts and pipelines; hard to maintain and evolve	Collaborative by design: Platform responsibilities are shared, with reusable capabilities managed across a fleet
Scalability	One-size-fits-all: Hard to standardise services across diverse teams; grows tribal knowledge	Composable and participatory: Platform capabilities are abstracted into reusable, versioned services that teams can extend and evolve together

True platforms provide clear APIs, versioned contracts, drift detection, policy enforcement, and upgrade paths. These are features that don’t come “out of the box” with typical workflows and pipeline tools. They require orchestration, a persistent control layer that understands the full lifecycle of a platform capability.

The Cost of Platform Decay

The hidden danger of the Platform Facade—that deceptive combination of portals, pipelines, and workflow engines—is that it creates the illusion of maturity while silently incubating fragility. What begins as quick wins and happy paths can, over time, evolve into a brittle mess of scripts, duplicated logic, inconsistent states, and unclear ownership. This is platform decay.

Platform decay typically sets in slowly, and it’s often invisible until it's too late. A team adds a new provisioning workflow here. Another team forks it to meet their needs. One portal button points to a deprecated pipeline. A service is provisioned but never upgraded. Compliance checks are manual, or worse, nonexistent. Over time, your “platform” is no longer a foundation. It’s a patchwork.

The symptoms are easy to miss:

Workflows that work for one team but fail in another environment
Services with unclear ownership and no standard lifecycle guarantees
Frequent snowflake configurations and drift between clusters
Security and compliance controls bypassed or inconsistently enforced
A backlog of “quick fixes” and ad-hoc scripts nobody wants to touch

And the outcomes are costly:

Slower change velocity: Simple changes require navigating a web of hidden dependencies and legacy automation.
Increased operational risk: Unowned or unmanaged resources become ticking time bombs for security, compliance, and uptime.
Inhibited scaling: Every new team added introduces new permutations and integrations, pushing the system further out of balance.
Mounting platform tech debt: Platform teams spend more time firefighting and less time improving capabilities.

Preventing platform decay isn’t about adding more automation. It’s about introducing orchestration and product thinking. Platforms must evolve from a pile of pipelines into a system with state awareness, strong contracts, lifecycle guarantees, and shared governance.

A resilient platform is designed to change safely over time, because in modern enterprises, change is constant.

Check out our webinar, "Beyond Portals and Pipelines: Where Workflow Engines Help (and Where They Don’t)".

Building a Platform as a Product; Not as a Patchwork of Portals and Pipelines

If you're looking for impact and ROI from your platform engineering initiatives, you must move beyond portals and pipelines.

Portals are how users interact with the platform.
Pipelines and workflows are tools within the platform.
And orchestration is what enables speed, safety, scalability, and efficiency.

At Syntasso, we’ve worked with teams across industries to move from “click-to-deploy” to true platform-as-product thinking. That’s why we built Syntasso Kratix Enterprise (SKE): to help teams go beyond automation and embrace orchestration as the core of their internal platform.