Application deployment times slashed from days to minutes through use of pipelines, integrated security and self-service.

Admiral reaps rewards of CI/CD implementation

Manual release cycles and inter-team dependencies were preventing Admiral from achieving its full potential with data and analytics applications. DevOpsGroup joined forces with the in-house team to create CI/CD pipelines that allow deployments to be achieved in minutes rather than days.

Long monthly release cycles hinder progress

Data is the backbone of Admiral and its Data and Analytics (DNA) programme underpins its ability to use real-world insights to drive effective decision making.

Keeping DNA functioning at the optimum level requires efficient and effective deployment of new features. However, this process was previously dependent on the release cycles of Guidewire, a software platform used extensively by insurance providers. Monthly data release cycles were too long, and Admiral needed a continuous deployment policy so product changes could be implemented as soon as development was complete and tested.

Alongside this, there was an urgent need to start using a new security control technology for infrastructure security compliance. Without this in place, DNA was dependent on Admiral’s InfoSec team for any changes which hindered release cycles.

“The joint Admiral-DOG team worked cohesively and effectively. This partnership approach was achieved far more quickly than I have witnessed with other third parties joining an existing team.”

Automation and autonomy embraced to eradicate dependencies

A DevOpsGroup squad joined forces with the existing Admiral CI/CD squad to create CI/CD pipelines for three key applications running in Guidewire. The goal was to define best practices as well as integrating security and testing from the get-go.

Over a 12-month period, the joint team collaborated in the set-up and creation of CI environments and processes with security as a priority. We configured the new security tool so it would halt deployment if any of its automated security tests failed. This reduced the need for manual intervention from the InfoSec team while enabling Admiral to uphold its high-security standards.

Every stage of each pipeline was templated, which will allow reuse of common building blocks in future application pipelines. The team removed a lot of complexity from the toolset by allowing seamless build agent upgrades, granting further improvements and efficiencies.

Finally, the squad was tasked with setting up Infrastructure as Code (IaC) pipelines using Terraform to reduce the platform team overhead for environment changes. We also tightened feedback loops and lowered dependencies on centralised teams, giving product teams more control.

Reduced manual work creates more space for innovation

These improvements have given Admiral greater confidence in its DNA application deployments.

The faster, automated approach means DNA developers can now focus on adding value rather than repetitive, manual build and deployment. More importantly, security and compliance standards have been built into the pipelines from the start, creating shorter feedback loops and reducing the overall effort required from InfoSec on each deployment.

With automatic building and deployment of build agents, a major dependency on the cloud platform team has also been resolved. The DNA team operates on a self-service basis and manages internal build agents.

Additional noteworthy outcomes include:

• A reduction in application deployment time from eight days to 40 minutes, with standards and security built in.
• 37 compliance controls codified and automated using policy validation tooling so any team can audit their environment without input from InfoSec, enabling self-service and ‘shifting compliance left’.

The shared templates repository is being used by teams around Admiral DNA to develop and enhance CI/CD pipelines.

“The DevOpsGroup team demonstrated an impressive set of skills and deep understanding of Azure and Google Cloud. We were expertly guided in building the backlog from scratch.”