DevOps World | Jenkins World 2019 Lisbon

The context: - we're building a new bank for the French market, for an existing entity - business model is new, banking license is new, but the codebase is licensed from successful digital a bank in Poland - we took 30+million lines of code from the bank in Poland, and building on this base - worked for 2 years to adopt this "ecosystem of banking systems" to build the new French brand - integration with French financial ecosystem, French regulatory ecosystem, existing internal systems, and customize to client needs The challenges: Project is almost pure waterfall - first challenge was to embed DevOps culture within this approach. Second challenge is existing internal IT structure, procedures, security requirements - geared towards supporting the existing entity operations, which are not 24/7, contrary to the new bank being built. Third challenge was to take the "product" developed at the Polish bank - which was never built to be a product, but as set of systems to support it's internal operations, which is quite different to building a product to be sold - and start changing it to suit target needs, at the same time building effective SDLC and DevOps processes to support the multi-year initiative. Fourth challenge is the strict security requirements, and resulting strict split of responsibilities between the Client teams delivering and supporting infrastructure, and the project delivery teams delivering and supporting the application. The solution: Integration set of tools to support DevOps and DevSecOps, with: - Jenkins as orchestrator - remote PowerShell used for deployment solution to target servers (11 environments in dev, test, prod loops, with 30-100 servers each depending on purpose, dozens of different server roles and different applications) - SonarQube for static analysis - OWASP ZAP and several other open source tools for DevSecOps - Atlassian stack - Jira/Confluence/Bitbucket - as support tools & code repo - Zabbix for monitoring - Splunk for log aggregation - Selenium for automated end to end tests Core features: - one click deployments of entire non-mainframe part of solution (mainframe is more tricky) - on demand deployments of specific components - automated post-deployment health checks of environments - static and dynamic automated security tests - static code analysis embedded within process