IBM Cloud Mastery: Banking App Deployment Insights

Modernizing code development and maintenance (helping with scarce skills and allowing innovation and new technologies required by end users) and improving deployment and operations with agile and DevSecOps are examples.

IBM Cloud Satellite meets this need by letting modern, cloud-native applications run anywhere the client wants while maintaining a consistent control plane for hybrid cloud application administration.

This paper shows how to deploy a banking application on IBM Cloud for Financial Services and Satellite using automated CI/CD/CC pipelines consistently. This requires strict security and compliance throughout build and deployment.

It provides a control framework that can be easily implemented using Reference Architectures, Validated Cloud Services, ISVs, and the highest encryption and CC across the hybrid cloud.

This project used a Kubernetes– and microservices-modernized loan origination application. The bank application uses a BIAN-based ecosystem of partner applications to provide this service.

The BIAN Coreless 2.0 loan origination application was used in this project. A customer gets a personalized loan through a secure bank online channel. A BIAN-based ecosystem of partner applications runs on IBM Cloud for Financial Services.

BIAN Coreless Initiative lets financial institutions choose the best partners to quickly launch new services using BIAN architectures. Each BIAN Service Domain component is a microservice deployed on an IBM Cloud OCP cluster.

A static code scanner checks the application repository for secrets in the source code and vulnerable packages used as dependencies.

The inventory previously hosted deployment files, which are YAML Kubernetes resource files that describe each component. These deployment files would contain the correct namespace descriptors and the latest Docker image for each component.

To find secrets in application source code and vulnerabilities in application dependencies, the CC toolchain runs a static code scanner on application repositories at user-defined intervals.