Software for Improve the Security of Kubernetes-based CI/CD Pipeline

• Published in: International Conference on Advanced Computer Information Technologies (Print) pp. 420 - 425
• Main Authors: Shevchuk, Ruslan, Karpinski, Mikolaj, Kasianchuk, Mykhailo, Yakymenko, Ihor, Melnyk, Andriy, Tykhyi, Roman
• Format: Conference Proceeding
• Language: English
• Published: IEEE 21.09.2023
• Subjects: Containers; CPCD systems; Kubernetes; pipeline; Pipelines; Security; Software measurement; Software reliability; software system; Software systems; Web servers
• ISSN: 2770-5226
• DOI: 10.1109/ACIT58437.2023.10275654

CI/CD systems allow automation of the processes of software development, testing, and delivery, which greatly simplifies the work of software developers. Kubernetes, an open-source container orchestration platform, has become increasingly popular among developers due to its ability to automate the deployment, scaling, and management of containerized applications. However, with the growing use of Kubernetes, security concerns have emerged, highlighting numerous vulnerabilities in the design, implementation, and operation of the Kubernetes environment. In this paper, the authors provided an in-depth analysis of the numerous vulnerabilities in the design, implementation, and operation of the Kubernetes environment and summarize the best practices that can be used to enhance the security of Kubernetes CI/CD processes. The obtained results were used for designing and implementing a CI / CD software system that improves the security of the Kubernetes-based CI/CD pipeline. In addition, created software system monitors processes that are happening during pipeline execution. JavaScript, NestJS framework for server side, React framework with Single Page Application (SPA) approach for client side, and Nginx web server was used to implement the software.