Secure CI/CD Pipeline

By River Chen, Long Chen, Kaiyu Dong, Shaolun Liu

Given the increasing prevalence of software vulnerabilities, the integration of security measures at every phase of the DevOps workflow is now more critical than ever. Our project was designed to address limitations in current open-source DevSecOps tools and boost software security throughout the development cycle. Utilizing GitHub Actions as the foundation, we have successfully developed a secure CI/CD pipeline that provides comprehensive security testing, robust automation, support for multiple languages, and real-time reporting. In addition, the pipeline offers customization options to cater to diverse user requirements. This innovative solution offers a lightweight tool for small businesses and independent developers to bolster security and streamline their software development process.

Github Repository: