DevOps toolchain
modernization on Forge.
A leading European bank consolidates CloudBees CI, GitLab, SonarQube, and JFrog onto one Forge Managed Runtime on AWS — modernized, FinOps-disciplined, and governance-ready for the AI workloads coming next.
CUSTOMER PROFILE
- 10,000+ employees
- Banking & Financial Services
- Headquartered in Europe, operating globally
THE ENGAGEMENT
One runtime. One SLA. One audit trail.
“Forge gave us one runtime, one SLA, and one audit trail across CloudBees, GitLab, SonarQube, and JFrog — and the platform we will govern AI workloads on next.”
— Head of Platform Engineering, Global Financial Bank(paraphrase, pending customer approval)
The toolchain before
The bank’s CI/CD spine was capable but fragmented. CloudBees CI ran enterprise pipelines, GitLab managed source for several engineering groups, SonarQube enforced quality gates inconsistently across teams, and JFrog Artifactory held binaries and dependencies — but with no unified provenance, identity, or vulnerability story across them.
Every workload extension surfaced the same friction. Apple-silicon CI was a recent example: a single Mac instance required heavy manual lift to bind into CloudBees, integrate with the SonarQube analysis path, and promote artifacts through JFrog without breaking provenance.
What the bank needed
Not point deployments. A modernized DevOps toolchain — one runtime envelope, one operational SLA, one audit trail across CloudBees, GitLab, SonarQube, and JFrog — that could absorb new workload classes without re-architecting the trust posture each time.
How iTmethods engaged
iTmethods began upstream — utilization review, architecture review, and modernization design across all four tools. A Forward Deployed Engineer embedded with the bank’s platform team and owned outcomes end-to-end: design, staged rollout, cutover, and steady-state operations under one managed runtime contract.
THREE MOTIONS ACROSS THE TOOLCHAIN
Modernization. Optimization. Governance-ready.
01 · MODERNIZATION
One managed runtime across the toolchain
CloudBees CI, GitLab, SonarQube, and JFrog Artifactory + Xray consolidated under Forge Managed Runtime on AWS. Identity, secrets, and private connectivity standardized across the chain.
DELIVERED
- CloudBees CI on Forge — 47 controllers
- GitLab managed under one SLA
- SonarQube quality gates uniform
- JFrog Artifactory + Xray live
- Apple-silicon framework as one extension
02 · OPTIMIZATION
FinOps as a property of the runtime
Archera-driven commitment and Savings Plan optimization extended across the toolchain. Repeatable Apple-silicon deployments turned a bespoke effort into self-service capability.
OUTCOMES
- Archera commitments across the chain
- Right-sized EC2 for SonarQube + JFrog
- Repeatable Mac CI playbook
- No Savings Plan disruption
03 · GOVERNANCE-READY
Evidence streams ready for Reign
Each tool emits structured evidence: GitLab MR audit trails, SonarQube quality gates, JFrog Xray vulnerability and SBOM, CloudBees release records — ingest-ready for Reign's Evidence Engine when deployed.
EVIDENCE STREAMS
- Change-management — GitLab MR audit
- Code quality — SonarQube gates
- Vulnerability + SBOM — JFrog Xray
- Release evidence — CloudBees
- All ingest-ready for Reign
NEXT STEPS
Modernize your toolchain on Forge.
Take the next step toward governed AI. Every day without visibility is another day of unaudited AI actions and blind spend.
Assess
Architecture and FinOps review across CloudBees, GitLab, SonarQube, JFrog.
Modernize
Consolidate the toolchain on Forge — one SLA, FDE, zero disruption.
Govern
Deploy Reign over the same runtime — runtime policy + audit-grade evidence.
INCLUDED WITH FORGE
- Full audit trail of every AI agent action
- MCP connection governance and approval workflows
- Real-time cost dashboards with token-level visibility
- 24/7 enterprise support with dedicated TAM
SOC 2 Type II Certified · 100+ Enterprise Customers · 20+ Years Enterprise Trust