Episode 150 · Feb 10, 2026 · Talk

Malcolm Matalka on GitOps, Terraform Tooling, and Building Invisible Developer Tools

Featuring Malcolm Matalka, Co-founder at Terrateam

In this episode of Semaphore Uncut, we talk with Malcolm Matalka, co-founder and CTO of Terrateam, about GitOps-driven infrastructure, Terraform and OpenTofu workflows, and why the best developer tools are often the ones you barely notice.

Malcolm brings a deep engineering background and years of internal tooling experience to explain how Terrateam fits infrastructure into developers’ natural workflow.

Disclaimer: This interview was recorded in 2025.

From Internal Tools to Infrastructure at Scale

Malcolm’s career began with internal developer tooling—building systems teams depend on rather than user-facing products. Over time, that work pushed him closer to infrastructure automation. Together with his co-founder, he built Terrateam as a GitOps-first platform for Terraform and OpenTofu workflows.

“We don’t want to be a platform,” Malcolm explains. “We want to be tools—more like Unix tools—things that fit into your workflow rather than define it.”

That principle guides Terrateam’s design: the product lives in pull requests, speaks the language of Git, and works inside the tools developers use every day.

GitOps as UX

Terrateam’s core UX is GitHub-native. There’s a UI, but Malcolm emphasizes you should rarely need it: the tooling should work at the command line and inside review workflows.

“In some teams,” he notes, “developers install Terrateam and barely notice it exists. They just see comments on pull requests about infrastructure changes—and then merge when everything looks good.”

This “invisible” quality isn’t accidental. It’s a design choice rooted in minimizing context switching and keeping infrastructure authoring close to code.

Terraform, OpenTofu, and Configuration

Terrateam focuses on Terraform and OpenTofu while preserving flexibility. Anything with a CLI can be managed through the system.

Instead of cramming logic into YAML configs, Terrateam introduces a config builder script—a small program that dynamically generates configuration at runtime. That script can inspect repos, call APIs, and shape behavior declaratively without bloating config files.

“YAML only gets you so far,” Malcolm says. “We needed a way to express real logic without making config itself a programming language.”

OCaml: Power and Cost

One notable choice at Terrateam is their language: OCaml. The entire codebase is written in it.

For Malcolm, OCaml’s expressiveness is a strength: it enables concise, maintainable abstractions. But the language’s relative niche status also raises the bar for contributors.

“If you want to contribute, you’re not just learning OCaml—you’re learning our flavor of OCaml,” he admits.

This trade-off gives the team deep control over their tooling but requires thoughtful onboarding to grow contributors from the community.

Open Source and User Behavior

Terrateam went open source in December with an open-core model—most functionality available publicly, with enterprise extensions under license.

The team noticed something subtle after open-sourcing: sign-ups initially slowed. But the silence wasn’t absence—it was usage happening quietly.

“Teams would sync the repo, deploy Terrateam internally, and work with it for months before ever reaching out,” Malcolm explains. “When they finally came back, they already knew exactly what they wanted.”

This pattern suggests that infrastructure tooling adoption isn’t a 30-minute trial experience—it’s a weeks-long integration into daily practice.

What’s Next

As Terrateam grows, the focus is on onboarding: better documentation, example configurations, and clearer workflows. The goal is to reduce friction without losing flexibility.

Longer-term, Malcolm is thinking about broader infrastructure management: tools that not only orchestrate changes but answer questions like:

  • Who created this resource?
  • When was it changed?
  • From what repo and context?

The challenge is doing this while maintaining trust boundaries—Terrateam intentionally avoids accessing customers’ cloud credentials directly.

“We want answers,” Malcolm says, “but we don’t want to break trust.”

🔗 Follow Malcolm

🔗 https://www.linkedin.com/in/malcolm-matalka-a6527382/

Meet the host Darko Fabijan

Darko enjoys breaking new ground and exploring tools and ideas that enhance developers’ lives. As the CTO of Semaphore, an open-source CI/CD platform, he embraces new challenges and is eager to tackle them alongside his team and the broader developer community. In his spare time, he enjoys cooking, hiking, and indoor gardening.
