How ICBC Built an Enterprise‑Scale DevOps Toolchain to Boost R&D Efficiency

Background and Challenges

Rapid technological advances and accelerating financial product innovation have created a long‑standing tension between growing product demand and limited R&D resources. Traditional banking architectures are large and complex, making efficiency improvements difficult. Building a DevOps platform that fits existing workflows while evolving with technology and management is essential for large financial institutions.

ICBC consolidated and refined its existing tools, re‑architected them as services, and created a user‑centric, end‑to‑end enterprise DevOps toolchain to support digital transformation of R&D management.

Exploration Path

Since 2009, ICBC has pursued tool‑based development, standardizing build and deployment tools. Continuous integration began in 2013, and by 2018 the bank launched a DevOps platform that connected development, testing, and operations into an end‑to‑end pipeline. In 2020, the bank standardized continuous delivery around a “release unit” concept.

Construction Results

ICBC’s toolchain includes a continuous delivery pipeline, a developer portal, and an operations platform. The pipeline delivers product development, quality assurance, and production deployment through a process engine that stitches core services together. The portal offers a one‑stop entry for developers, while the operations platform integrates production operations, monitoring, and capacity management.

1. Overview

2. Continuous Delivery Pipeline

Standardized processes established code repository management, build, deployment, and configuration standards, reducing maintenance costs and improving risk control. Over 8,000 original build strategies and 20,000 deployment strategies were consolidated into ten standardized configurations, forming a “service environment”‑centric production management system.

(1) Code Commit: Commit Build Pipeline

Commit triggers the pipeline, performing unit tests and code checks on incremental changes.

(2) Code Integration: Continuous Integration Pipeline

Provides a rich set of CI atomic operations that can be assembled and configured for various scenarios.

(3) Version Delivery: Continuous Delivery Pipeline

Enables one‑click version delivery with automatic rollback verification.

(4) Version Release: Continuous Deployment Pipeline

The end‑to‑end deployment process is reusable, verifiable, adaptive, customizable, and visualized.

3. Developer Portal

Integrates existing systems to provide a one‑stop portal for developers, enabling end‑to‑end, traceable, automated handling from requirement intake to version release, and consolidates capabilities into an organization‑wide service through standardized processes.

4. Quality Gates

Commit Build Gate : Automatically triggers the pipeline on code submission, checking for high‑risk issues and unit‑test coverage; only passing code can merge into the release branch.

Continuous Delivery Gate : After merging, the pipeline runs code scans, builds, deployments, and automated tests, adding smoke‑test success criteria; all metrics must pass before release.

Continuous Deployment Gate : Interfaces with the production management platform to control deployment windows, gray‑release acceptance, and online deployment, enforcing standardized production practices.

5. Operations Platform

A unified production operations platform integrates monitoring, performance, and capacity management, providing services for production releases and daily operations.

Future Outlook

ICBC plans to build a one‑stop enterprise DevOps toolchain that supports efficient collaboration, continuous delivery, and environment support across the entire R&D‑testing‑production lifecycle, leveraging service‑oriented reconstruction and cross‑domain coordination.

Efficient Collaboration : Visualize demand value management and communication to address cross‑departmental challenges.

Continuous Delivery : Expand pipelines horizontally and vertically, supporting gray releases, production monitoring, verification, and providing a unified data‑log analysis service.

Environment Support : Standardize environment configuration, automate provisioning, and create end‑to‑end environment delivery pipelines.

Metric Empowerment : Build a data‑mid platform for R&D management, establishing unified data standards and multi‑dimensional efficiency metrics to enable self‑improvement and informed decision‑making.