当前位置:网站首页>Coding devsecops helps financial enterprises run out of digital acceleration

Coding devsecops helps financial enterprises run out of digital acceleration

2022-07-05 14:45:00 InfoQ


null


null

Financial digitalization keeps going , R & D efficiency has not been upgraded  


Hold “ Double zone ” Construction trend , Cherish the ambition of serving Dawan District , A large bank in Shenzhen ( hereinafter referred to as “A  Bank ”) stay  2022  In, the new journey of the second five-year development strategic planning with digital transformation as the direction was fully started .“ retail + Technology + ecology ” Power drives ,A  The bank insists on driving business agility with technological agility , Continue to promote digital transformation and scene management .

However , With  A  The digital transformation of banks is gradually deepening , Rapidly expanding  IT  Team building brings new challenges to multi team management and cross team collaboration , And changing business needs , It also controls the security of R & D assets and the efficiency of R & D delivery 、 Higher requirements for quality .
In order to make  IT  Build teams with more agile collaboration 、 More efficient and high-quality delivery to meet the business needs of the digital age ,A  The bank finally chooses to introduce from many manufacturers  CODING  One stop research platform , Starting with the upgrading of R & D efficiency, speed up the pace of digitalization .

CODING  Heterogeneous disaster recovery solutions , Ensure the continuity of banking business  


For the financial industry , Ensuring user data security and business continuity is the top priority . So ,A  There are strict data disaster recovery requirements within the bank : At the hardware level, three copies of one data can be stored , The downtime of any physical node will not affect the normal operation of the platform , At the same time, it should also meet the heterogeneous backup of different platforms .

To help  A  The bank completed infrastructure upgrading , Realize its disaster recovery requirements ,CODING  Our expert team goes deep into the customer site , Finally, it was formulated with  CODING  Disaster recovery and heterogeneous backup construction scheme for the base . On the application level , Luohu ( Lord )- wuhan ( To prepare )
The two places regularly synchronize incremental data every day
, two places  K8S  The main node of the cluster is attached to the independent backup storage
continuity  7  Daily platform full data backup
. meanwhile , The original in the industry  GitLab  adopt  CODING  Continuous integration pipeline ,
Automatically trigger backup on a regular basis
, Achieve heterogeneous demands ; The backup results are pushed and reported every day  IM  Communication platform , Managers perceive in time .

null
CODING  by  A  Disaster recovery and heterogeneous backup construction plan formulated by the bank

For  A  In the process of formulating disaster recovery plan , If you choose real-time synchronization , There are two sharp problems :
1.  Real time synchronization will lead to frequent reading and writing , Network stability 、 The stability of the platform is difficult to guarantee , And the database is easy to lock .
2.  After switching from disaster recovery environment to production environment , Data consistency is difficult to guarantee .

therefore ,CODING  The expert team finally decided to choose  A  Regular synchronous backup of the bank , Backup machine daily full and incremental backup , Incremental synchronous disaster recovery environment ; When switching to disaster recovery environment , Full data and incremental data backup , Switch the production environment again and brush back the increment , At the same time, the backup of disaster recovery environment stops .

After rigorous switching drill and data consistency verification ,CODING  The platform meets  A  High availability construction requirements of banks , Can greatly
Reduce the risk of data loss of source assets , Ensure the security of code assets in extreme cases
. This is also for  A  The bank development center promotes all teams to use  CODING  Platform hosting source code has laid a solid foundation .

CODING DevSecOps, Realize the closed loop of continuous safe delivery process  


In addition to meeting the strict disaster recovery requirements of the bank , "One-stop" work style  CODING  R & D efficiency platform to  A  The value brought by banks is far more than that .A  The bank pays more attention to the experience of the overall R & D process , It has been expected to better control its R & D process , Make full use of the convenience brought by automation . adopt  CODING,A  The bank successfully landed
End to end  DevSecOps  technological process
, Realize unified security control of code , Created
Agility 、 Normalization 、 Automated continuous safe delivery closed loop
, It greatly improves the quality and speed of software delivery , Reduce R & D costs , Complete the R & D efficiency upgrade .

null
A  Bank Based  CODING  Landing  DevSecOps  R & D workflow

R & D core assets are under unified management


For the management of code warehouse ,A  The bank used  Git、SVN  And other code version control management tools , The source code is scattered in various project groups , There is no unified management entrance . and  CODING  Code warehouse function provided , Not only support  Git、SVN  Warehouse type , It also supports importing  GitLab、GitHub  And other mainstream types of code warehouses , And provide
Warehouse groups 、 The team - project - Refined authority control at the warehouse level 、 Code review 、 version management
And so on , Strong support  A  The bank successfully moved all the codes scattered in various tools to  CODING, Realize the organization code assets
Unified distributed management .

null
In addition to code assets ,A  The bank will also document different business lines 、 Unified access of products and construction resources  CODING  Platform management .CODING 
Through the development of 、 test 、 Asset management links of various R & D links such as operation and maintenance
, Use one-stop advantages to successfully help  A  Banks realize resource integration , Solve the problem of decentralized software asset management .

R & D management norms are unified


When not in use  CODING  Before ,A  There is a lack of branch management norms within the bank , Some people develop directly in the trunk branch , Some will pull branches for development , Branch and version management are chaotic . stay  CODING  With the help of the team ,A  The bank has successively formulated the  Git  Branch and label management strategy , At the same time, a unified code consolidation review process and traceability audit mechanism have been established , To form  
master  Trunk branch publishing 、feature  Feature branch development
Process branch management mode .

null
A  The bank passes through the trunk - The branch model regulates the cross organizational R & D process

Backbone environment :
Deploy a stable version of the trunk code , Complete dependence , Release at any time , Continuous protection and maintenance .
Branch environment :
Contains a single... Involved in an iteration branch / Multiple services , For joint commissioning and testing ( The test environment is not separately reflected here , It is not recommended to maintain test branches , use  master  Trunk  daily build, Ready to deploy environment , For integration or joint commissioning test environment , Find problems ahead of time )

Besides ,A  Banks find that R & D norms often rely on R & D personnel to consciously abide by , Lack of certain constraints . and  CODING  The R & D specification mechanism provided by the platform
Real time feedback on the implementation of the specification , Automatically intercept R & D activities that do not meet the requirements ,“ non-inductive ” Strictly restrict and urge the R & D personnel to follow the R & D specifications
. Combined with the actual R & D demands in the bank ,A  Bank code 、 Branch 、 Version and other aspects are configured with corresponding constraint rules , And by adding audit links , Achieve quality control and reduce the cost of collaboration and communication .

Safety activities are integrated into , automation  CI/CD  Assembly line  


A  Of the bank  IT  The team has long faced double pressure from external competition and financial supervision , Be agile to business demands , Pursue stability for the system . adopt
Integrate code scanning and product scanning security capabilities into automated  CI/CD  Assembly line
,CODING  help  A  While improving business efficiency, banks have also built a moat of code security and quality .

As shown in the figure below ,A  The bank is in  CODING CI  A series of automatic safety activities are integrated in the assembly line . When the code is checked out , The system will automatically
Code scanning
, And then
unit testing
, After the image is pushed to  CODING  After the product warehouse , Go ahead with it
Product scanning
. Layers of support for safety activities , It eliminates most of the defects and risks before the business release .

null
CODING  Code scanning support
 16  Kind of
Scanning scheme of mainstream development language . After setting the scanning language scheme 、 After quality access control , When the code is checked out
Automatically scan the source code , Automatically generate problem lists , With suggestions for modification .

null
Overview the market through questions , R & D personnel can clearly understand
Number of code problems 、 Code circle complexity 、 Repeat rate
, etc. , Greatly help  A  The bank found hidden code defects in time 、 Security vulnerabilities and nonstandard code , Improve the maintainability and stability of the code .

null
In the link of image construction and pushing to the product library ,CODING  The product scanning ability will be triggered automatically . The system will perform dependency analysis on products , Resolve the open source component referenced by the artifact , Re pass
「 Tencent security open source component vulnerability feature library 」
Identify vulnerabilities in open source components referenced by artifacts , Output vulnerability report and repair suggestions .A  The bank's R & D personnel can use the preset
Quality red line
Judge the product quality , You can also view the specific scanning results on the details page .

null

DevSecOps  Pipeline one key multiplexing  


DevSecOps  The rapid promotion of , It is naturally impossible to rely solely on repeated artificial reproduction . Thanks to the  CODING  Assembly line
Configurable 、 Reusable
advantage ,A  The bank aims at the commonly used R & D language in the bank , Combined with the original script , Output the common assembly line template in the team , Greatly reduce the stock system access  DevSecOps  Threshold . Members of different business groups
One key can reuse automatic pipeline
, Improve the efficiency of construction and release in the daily R & D process .

null

R & D efficiency has been comprehensively improved , Help promote the digital transformation of banks  


"One-stop" work style  CODING DevOps  The biggest advantage of the platform , It's for  A  The bank offers
Unified R & D entrance
, For its
Get through from project management 、 Managed code 、 The code to build 、 test 、 The whole link of R & D management from application delivery to system operation and maintenance
, At the same time, it also meets the strict heterogeneous requirements of disaster recovery of banks , by  A  Bank efficiency 、 High quality delivery of business value provides a strong basic guarantee . some time ,A  The bank will comprehensively promote and apply the new  DevSecOps  One stop shop for  CODING  platform , Make full use of advanced  DevSecOps  idea
Make the R & D link run more smoothly 、 More efficient 、 More secure
.CODING DevSecOps  Solution , As  A  The powerful engine of banks in the process of digital transformation , Will continue to empower  A  The bank optimizes the R & D process experience 、 Focus on improving R & D efficiency , Leading the new track of digital business .


null

null
原网站

版权声明
本文为[InfoQ]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/186/202207051437191663.html

边栏推荐

猜你喜欢

随机推荐