How DevOps at Scale and Tool Onboarding Relate

ABN AMRO is a bank in the Netherlands with a long history that goes back to the mid-19th century. In the last 25 years, we’ve grown digital channels that are greatly valued by our customers and have become the dominant channels. In 2015, The European Union set minimum requirements for European banks to open up checking account information via APIs to third parties via the PSD2 directive. ABN AMRO has gone far beyond these requirements by establishing a broader business-to-business API channel. We also set up an external developer portal to promote third parties to build on and leverage our financial services. Of course, this all needs to be backed by a well-organized internal IT organization.

The role of my department, Development Services, is to facilitate developers with Continuous Integration/Continuous Delivery (CI/CD) facilities that has to serve the developers requirements, regulatory requirements, and non-developer stakeholder requirements. In practice, this means assisting with development tools and supporting a number of specific platforms to create traceability and transparency, as well as related reporting.

The following article explains some of the starting points and how we envision supporting DevOps at an enterprise scale.

Article contents

  1. Centrally organized and product based
  2. The IT4IT data model
  3. Onboarding on tools
  4. Connecting the dots
  5. The solution in theory
  6. The current solution
  7. Technical realization
  8. Our future
  9. Challenges
  10. More by Fred Jonkhart

Centrally organized and product based

Over 10 years ago and in the midst of a merger, I was asked to look at the organization’s support and development tools. ABN AMRO was still a project-oriented organization then, where Dev and Ops groups were separate. From past experience, it was already clear to us that the major tools, including version control, source code quality control, support for pipelines, and artifact management should be centrally managed. This to mostly satisfy (Read more...)

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Fred Jonkhart. Read the original post at: