2026-03-10·8 min read

Mobile Banking CI/CD in Africa

CI/CDMobileAfricaJenkins

The Challenge

Shipping a mobile banking app is hard. Shipping the same app across 9 African countries — each with unique regulatory requirements, app store configurations, provisioning profiles, and security tooling — is a different beast entirely.

When I joined this project, the team was manually building each country variant. A single release cycle took days of engineer time, and signing errors were a weekly occurrence.

The Architecture

We designed a parameterised Jenkins pipeline that treats each country as a configuration profile rather than a separate build. The core pipeline stages:

1.Parameter Injection — Country code drives everything: bundle IDs, API endpoints, feature flags, Firebase projects, and Arxan blueprints.

2.Build — .NET MAUI compiles the shared codebase with country-specific resources and config files.

3.Security — Arxan/Digital.ai protection is applied post-build using country-specific blueprints. This was one of the trickiest parts — each blueprint has unique guard configurations.

4.Signing — iOS provisioning profiles and Android keystores are pulled from secure storage per country. We automated Xcode profile installation and keychain management on the Mac build agents.

5.Distribution — UAT builds go to Firebase App Distribution. Production builds go to App Store Connect and Google Play via Fastlane.

Key Decisions

Why Jenkins over GitHub Actions? The bank's infrastructure team required on-premise build agents for security compliance. Jenkins gave us full control over the Mac mini fleet used for iOS builds.

Shared vs. separate pipelines? We considered a mono-pipeline per country but rejected it — the maintenance burden would scale linearly. A single parameterised pipeline means bug fixes and improvements apply everywhere.

Arxan integration was the hardest piece. The protection tool modifies the compiled binary, so it must run after the .NET MAUI build but before signing. We built a wrapper script that handles blueprint selection, retry logic for flaky Arxan processes, and verification of protected binaries.

Results

•60% faster builds — from 45 minutes to 18 minutes per country variant

•Zero manual signing errors — fully automated profile and keystore management

•9 markets from one pipeline — South Africa, Kenya, Uganda, Botswana, Tanzania, Ghana, Mauritius, Mozambique, Zambia

•Same-day hotfixes — what used to take 2 days now ships in hours

Lessons Learned

1.Treat countries as config, not code. — The more you can parameterise, the less you duplicate.

2.Invest in signing automation early. — Manual iOS provisioning profiles are a ticking time bomb.

3.Security tooling needs its own pipeline stage. — Don't bolt it on — design around it.

4.Build agents are infrastructure too. — Mac minis need monitoring, updates, and capacity planning just like servers.

If you're building multi-market mobile apps in Africa and struggling with CI/CD complexity, I'd love to chat. Reach out via the contact form or book a consultation.

Get in Touch →