Investing can be scary, especially if you’re just starting out. Should you buy individual stocks, or put your money into index funds? What are the tax consequences? What about cryptocurrency? How often should you rebalance your portfolio, and how do you reinvest your dividends? Wealthsimple aims to make all of this, well, simple. The company offers automated investing, commission-free stock trading, cryptocurrency investment, cash, and tax services designed to make managing your financial life as easy and stress-free as possible—all while providing a human touch with personal advisors.
Behind these services is a team of more than 100 developers working to keep Wealthsimple ahead of the curve, both in terms of features and experience. “Our engineers aren’t just building products, they’re building our customers’ futures,” says Director of IT and Platform Engineering Brandon Eady. To that end, Wealthsimple works to empower engineers to work quickly but safely. GitHub is a core part of that.
Wealthsimple has used GitHub since they launched in 2014. During the summer of 2021, amidst a hiring surge, they decided to upgrade from GitHub Team to GitHub Enterprise. The initial motivation for the upgrade was compliance. “We’re working towards SOC 2 compliance and from a regulatory perspective, we need a certain level of control over authentication,” Senior Engineering Manager Scott Barr says. “So we upgraded to GitHub Enterprise initially for the SAML support.” They quickly realized that with GitHub Actions and other features, such as GitHub’s GraphQL API, they could automate tedious processes and consolidate tools.
Employee onboarding and offboarding at Wealthsimple used to be a manual process that left too much room for error. Getting all the necessary permissions setup could require a lot of back-and-forth between different teams and impact everyone’s productivity. “If a developer doesn’t have access to all the resources they need, that can be a blocker for them,” Barr says. “Going back and fixing permissions later is a pain for IT. These issues create toil for everyone. By moving to SAML, we can automate access controls to ensure that developers have access to the repos they need.”
Once Wealthsimple had access to Actions, migrating away from it’s previous CI provider was “a no brainer” Eady says. “Actions is more fairly priced than our old solution,” he explains. “It feels like GitHub wants to be a partner as we grow, rather than take advantage of us as we grow.”
Actions is more fairly priced than our old solution. It feels like GitHub wants to be a partner as we grow, rather than take advantage of us as we grow.
Plus, the product is better overall. “Essentially, GitHub Actions provided a way for us to create better pipelines,” Barr says. “With our old solution, we’d end up with dozens of engineers queued up and waiting for builds. That slowed the engineering organization down, and we knew it would only get worse as the company continues to grow. We needed something that would scale with the company.”
Today, Wealthsimple sees much faster build times. “For our site, which has lots of videos and cached assets, there used to be 11-12 minutes of build time,” Barr says. “Using Actions, we were able to reduce that to four minutes.”
“GitHub Actions is also good from a resilience perspective,” he continues. “We have fewer tools in our pipeline, so that’s fewer things that could go offline and block work.” Fewer tools also means engineers spend less time managing tools and more time writing code.
The ability to create Actions in Typescript is another major appeal. “Our front-end engineers are now able to improve our overall processes because they’re more comfortable and confident in contributing,” Barr says. “That’s already leading to a big improvement to our front-end build system.”
The Actions Marketplace is also a boon. In addition to custom Actions, Wealthsimple uses setup Actions such as Setup Python and Setup Node, along with some Amazon Web Services Actions. “These are a core part of our build process,” Barr says. New Actions are added to the Marketplace all the time, which means more features to make Wealthsimple engineers more productive.
Actions provides Wealthsimple with better security as well. For one thing, fewer third-party tools means fewer places to share security tokens and secrets. Wealthsimple has also been using GitHub to improve security through automation. For example, they have a custom Action that blocks developers from merging code until known security CVEs are addressed. This encourages developers to address security issues quickly, which is easier thanks to Dependabot’s automatically generated security patches, Wealthsimple now sees far fewer open security issues.
“We leverage the GraphQL API on a regular basis,” Barr says. “We’re using it to create lots of reports to give us a sense of our code hygiene and security status. We can see things like how many security CVE we have open. Six months ago we had around 60 outstanding security CVEs. Today, we have zero.”
Six months ago we had around 60 outstanding security CVEs. Today, we have zero.
“We’re in a much more secure posture now,” Eady agrees.
These checks also encourage engineers to write better code. “Automation leads to better processes,” Barr says. “And better processes lead to better quality.”
Start collaborating with your team on GitHub
Advanced collaboration for
individuals and organizations
* Discounted pricing is for new yearly customers paying with credit cards or PayPal. After first year, price is subject to change. GitHub will send you a notification email at least 30 days in advance of any price change.
and flexible deployment
Want to use GitHub on your own? Check out our plans for individuals