Automated build and deployment mechanisms for core banking and lending solutions
Data Action is the leading provider of hosted digital banking and core banking solutions for many of Australia's financial institutions, predominantly mutual banks and credit unions. DA's Core Systems team had embarked upon an ambitious programme to modernise its core banking and lending capabilities, building new solutions by integrating its traditional core banking software with new user interfaces, workflow and rules engines. To best leverage the existing core banking platform, the team needed a way to securely expose specific functional domains for consumption by the wider solution. Additionally. the team required a mechanism to continuously and reliably deliver new releases, manage complex customer-specific configurations, whilst ensuring industry and security compliance, all with minimal customer impact.
Chamonix worked with the DA Core Systems and Lending teams to get a solid understanding of their business, and the technology drivers for their programme of work. This led to an assessment of current state architecture, build, deployment, testing and monitoring practices, and recommendations for where people, process or technology improvements could be made.
Initially focusing on build and deployment practices, the Chamonix team automated processes for building and deploying the solution; from ensuring required infrastructure and operating system dependencies were configured correctly, to deploying, configuring and verifying customer-specific instances of solution components. By automating these processes, the time to onboard a new customer or deploy a new service release was reduced from hours or days to minutes. The automation also enabled environment and customer specific configuration to be explicitly managed, providing better control over complex configuration.
The overall solution consisted of both internally developed components built with Microsoft .NET Framework and .NET Core and third-party workflow and rules engine products. Chamonix assisted with the team's migration to Atlassian BitBucket for source code management and Bamboo for automated build. Deployment of the solution and configuration management was orchestrated by Octopus Deploy, utilising PowerShell Desired State Configuration (DSC) for infrastructure configuration and PowerShell scripts for post-deployment activities.
The success of the project was enabled by the close working relationship between the teams and specifically with DA's Integration team to ensure existing build, deployment and configuration management practices were followed or supplemented where appropriate, for example through the augmentation of existing post-deployment scripts and establishing the use of Octopus Deploy tenantbased configuration data management. Chamonix also worked closely with DA's Information Security and Risk |LF|ISR) and Infrastructure teams to ensure appropriate security hardening was consistently applied during deployment. By implementing security hardening rules using PowerShell DSC, hardening rules and exceptions were made explicit and application servers were constantly maintained in a desired state. This work led to additional enhancements to several of Microsoft's open source PowerShell DSC resources, which have since been contributed back and accepted into the main codeline.