Software for Improve the Security of Kubernetes-based CI/CD Pipeline
CI/CD systems allow automation of the processes of software development, testing, and delivery, which greatly simplifies the work of software developers. Kubernetes, an open-source container orchestration platform, has become increasingly popular among developers due to its ability to automate the d...
Saved in:
| Published in | International Conference on Advanced Computer Information Technologies (Print) pp. 420 - 425 |
|---|---|
| Main Authors | , , , , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
21.09.2023
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 2770-5226 |
| DOI | 10.1109/ACIT58437.2023.10275654 |
Cover
| Abstract | CI/CD systems allow automation of the processes of software development, testing, and delivery, which greatly simplifies the work of software developers. Kubernetes, an open-source container orchestration platform, has become increasingly popular among developers due to its ability to automate the deployment, scaling, and management of containerized applications. However, with the growing use of Kubernetes, security concerns have emerged, highlighting numerous vulnerabilities in the design, implementation, and operation of the Kubernetes environment. In this paper, the authors provided an in-depth analysis of the numerous vulnerabilities in the design, implementation, and operation of the Kubernetes environment and summarize the best practices that can be used to enhance the security of Kubernetes CI/CD processes. The obtained results were used for designing and implementing a CI / CD software system that improves the security of the Kubernetes-based CI/CD pipeline. In addition, created software system monitors processes that are happening during pipeline execution. JavaScript, NestJS framework for server side, React framework with Single Page Application (SPA) approach for client side, and Nginx web server was used to implement the software. |
|---|---|
| AbstractList | CI/CD systems allow automation of the processes of software development, testing, and delivery, which greatly simplifies the work of software developers. Kubernetes, an open-source container orchestration platform, has become increasingly popular among developers due to its ability to automate the deployment, scaling, and management of containerized applications. However, with the growing use of Kubernetes, security concerns have emerged, highlighting numerous vulnerabilities in the design, implementation, and operation of the Kubernetes environment. In this paper, the authors provided an in-depth analysis of the numerous vulnerabilities in the design, implementation, and operation of the Kubernetes environment and summarize the best practices that can be used to enhance the security of Kubernetes CI/CD processes. The obtained results were used for designing and implementing a CI / CD software system that improves the security of the Kubernetes-based CI/CD pipeline. In addition, created software system monitors processes that are happening during pipeline execution. JavaScript, NestJS framework for server side, React framework with Single Page Application (SPA) approach for client side, and Nginx web server was used to implement the software. |
| Author | Yakymenko, Ihor Melnyk, Andriy Karpinski, Mikolaj Kasianchuk, Mykhailo Tykhyi, Roman Shevchuk, Ruslan |
| Author_xml | – sequence: 1 givenname: Ruslan surname: Shevchuk fullname: Shevchuk, Ruslan email: rsh@wunu.edu.ua organization: West Ukrainian National University,Department of Computer Science,Ternopil,Ukraine – sequence: 2 givenname: Mikolaj surname: Karpinski fullname: Karpinski, Mikolaj email: mpkarpinski@gmail.com organization: University of Applied Sciences in Nowy Sacz,Department of Computer Science,Nowy Sacz,Poland – sequence: 3 givenname: Mykhailo surname: Kasianchuk fullname: Kasianchuk, Mykhailo email: kasyanchuk@ukr.net organization: West Ukrainian National University,Department of Cyber Security,Ternopil,Ukraine – sequence: 4 givenname: Ihor surname: Yakymenko fullname: Yakymenko, Ihor email: iyakymenko@ukr.net organization: West Ukrainian National University,Department of Cyber Security,Ternopil,Ukraine – sequence: 5 givenname: Andriy surname: Melnyk fullname: Melnyk, Andriy email: ame@wunu.edu.ua organization: West Ukrainian National University,Department of Computer Science,Ternopil,Ukraine – sequence: 6 givenname: Roman surname: Tykhyi fullname: Tykhyi, Roman email: t1h4n123@gmail.com organization: West Ukrainian National University,Department of Computer Science,Ternopil,Ukraine |
| BookMark | eNo1z99KwzAUgPEoCs7ZNxDMC7Q7J2mS5nJ0_ikOFNb70TYnGNnakXbK3t6BevXdffC7ZVf90BNjDwgZItjFsqxqVeTSZAKEzBCEUVrlFyyxxhZSgUTUxl6ymTAGUiWEvmHJOH4CgBSQQy5nbLUZ_PTdROJ-iLzaH-LwRXz6IL6h7hjDdOKD56_HlmJPE41p24zkeFktyhV_DwfahZ7u2LVvdiMlf52z-umxLl_S9dtzVS7XaUC0U2rzBox03hfgjUNFLRQNdISYd7ogh9qTN10rURdOWrTg2hY71HAGnkVzdv-7DUS0PcSwb-Jp---WP6_FTYw |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/ACIT58437.2023.10275654 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE/IET Electronic Library url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 9798350311679 |
| EISSN | 2770-5226 |
| EndPage | 425 |
| ExternalDocumentID | 10275654 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IF 6IL 6IN AAWTH ABLEC ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK OCL RIE RIL |
| ID | FETCH-LOGICAL-i119t-94a073dff80f7d15eb08a0ce114c68ed16fef7cb3168d39190dbb1c160202983 |
| IEDL.DBID | RIE |
| IngestDate | Wed Aug 27 02:23:42 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i119t-94a073dff80f7d15eb08a0ce114c68ed16fef7cb3168d39190dbb1c160202983 |
| PageCount | 6 |
| ParticipantIDs | ieee_primary_10275654 |
| PublicationCentury | 2000 |
| PublicationDate | 2023-Sept.-21 |
| PublicationDateYYYYMMDD | 2023-09-21 |
| PublicationDate_xml | – month: 09 year: 2023 text: 2023-Sept.-21 day: 21 |
| PublicationDecade | 2020 |
| PublicationTitle | International Conference on Advanced Computer Information Technologies (Print) |
| PublicationTitleAbbrev | ACIT |
| PublicationYear | 2023 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0003204043 |
| Score | 1.8498452 |
| Snippet | CI/CD systems allow automation of the processes of software development, testing, and delivery, which greatly simplifies the work of software developers.... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 420 |
| SubjectTerms | Containers CPCD systems Kubernetes pipeline Pipelines Security Software measurement Software reliability software system Software systems Web servers |
| Title | Software for Improve the Security of Kubernetes-based CI/CD Pipeline |
| URI | https://ieeexplore.ieee.org/document/10275654 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PS8MwGA1uJ08qTvxNDl7TNUnTNEfpHJviGGzCbiNpvsAQtjFaBP96k7abKAjeSqGQNiTv5ev33kPowRYGMiossZlgJHGCE8W0JZ49cCYNdbT20nudpKO35HkhFq1YvdbCAEDdfAZRuKz_5dtNUYVSmV_hwaxcJB3UkVI1Yq1DQYWzODjFtD1cNFb9x3w89_jKZRQywqP90z9yVGoYGZ6gyX4ATffIe1SVJio-f3kz_nuEp6j3rdjD0wMWnaEjWJ-jwczvsR96B9gzU9yUDwB7xodnbWod3jj8UhnYrUP9lQRIszgf9_MBnq62QaoOPTQfPs3zEWlTE8iKUlUSlWi_bK1zWeykpQJMnOm4AH_wKdIMLE0dOFmYkFhlufKEwBpDC5p64shUxi9Qd71ZwyXCmjNrtPYHEKsTYazhVgrpuFGaGxZnV6gXvsBy2_hiLPcvf_3H_Rt0HCYidFsweou65a6COw_ppbmvp_ILYQafig |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1dS8MwFA06H_RJxYnf5sHXdE3S9ONROsfmPhiswt5G0tzAELYxWgR_vUnbTRQE30qgkDQk59zbe89B6EnnCmIqNNGxYCQwgpOESU0se-AsUtTQSktvPAn7b8HrXMybZvWqFwYAquIz8Nxj9S9fr_PSpcrsCXdi5SI4REfChhVR3a61T6lw5jutmKaKi_pJ5zkdZBZheeQ5l3Bv9_4PJ5UKSHqnaLKbQl0_8u6VhfLyz1_qjP-e4xlqf_fs4ekejc7RAawuUHdmb9kPuQVsuSmuEwiALefDs8a3Dq8NHpYKtiuXgSUO1DROB520i6fLjWtWhzbKei9Z2ieNbwJZUpoUJAmkPbjamNg3kaYClB9LPwcb-uRhDJqGBkyUK-dZpXliKYFWiuY0tNSRJTG_RK3VegVXCEvOtJLShiBaBkJpxXUkIsNVIrlifnyN2u4LLDa1MsZit_ibP8Yf0XE_G48Wo8FkeItO3Ka42gtG71Cr2JZwbwG-UA_Vtn4B9lmi2w |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=International+Conference+on+Advanced+Computer+Information+Technologies+%28Print%29&rft.atitle=Software+for+Improve+the+Security+of+Kubernetes-based+CI%2FCD+Pipeline&rft.au=Shevchuk%2C+Ruslan&rft.au=Karpinski%2C+Mikolaj&rft.au=Kasianchuk%2C+Mykhailo&rft.au=Yakymenko%2C+Ihor&rft.date=2023-09-21&rft.pub=IEEE&rft.eissn=2770-5226&rft.spage=420&rft.epage=425&rft_id=info:doi/10.1109%2FACIT58437.2023.10275654&rft.externalDocID=10275654 |