Continuous Integration and Continuous Deployment (CI/CD) 2024-25

CHAPTER - 1

INTRODUCTION

In the ever-evolving landscape of software development, the demand for delivering high-quality
software at an accelerated pace has never been more critical. Organizations today operate in highly
competitive and dynamic environments, where end-user expectations for reliability, performance, and
rapid feature updates are continually rising. Traditional software development methodologies,
although once standard, are increasingly becoming obsolete in the face of modern demands for
agility, scalability, and speed.

Historically, software development followed a waterfall approach, characterized by rigid, linear

stages such as requirement gathering, design, implementation, testing, deployment, and maintenance.
These stages were executed sequentially, and feedback was usually gathered only after complete
implementation or even post-deployment. Software releases occurred infrequently—often once every
several months or even years. Developers typically worked in silos, developing modules in isolation
with minimal integration until the end of the cycle. While this model ensured thorough planning and
documentation, it introduced significant delays and posed numerous challenges.

One of the major pitfalls of traditional development was the integration problem. Integrating
independently developed code at the later stages often led to unexpected bugs and conflicts, creating
what is infamously known as the “integration hell.” Since developers weren’t regularly syncing their
changes, merging codebases became a tedious and error-prone task. This lack of early integration and
testing often meant that critical issues were only discovered close to release, significantly
complicating debugging and increasing the cost of fixing bugs.

Moreover, slow feedback loops were a characteristic weakness of older models. Without immediate
testing and validation, developers had no timely insight into whether their changes were compatible
or functional within the overall system. This led to bottlenecks in development, where progress was
often stalled by the need to resolve accumulated bugs, sometimes requiring major code rewrites.

Manual testing and deployment processes also contributed to delays and inconsistencies. Human
error was a frequent cause of failed deployments and missed defects, and the reliance on manual
scripts or documentation-based procedures made reproducing environments or deployment states
cumbersome and unreliable.

Dept. of Information Science and Engineering, AIT 1

Continuous Integration and Continuous Deployment (CI/CD) 2024-25

As organizations began to feel the strain of these inefficiencies, there was a paradigm shift in
software development practices with the adoption of Agile methodologies and DevOps principles.
Agile introduced iterative, incremental development with a focus on customer collaboration, adaptive
planning, and rapid delivery. DevOps, in parallel, emphasized breaking down silos between
development and operations teams, fostering a culture of collaboration and shared responsibility for
the entire lifecycle of software delivery. Out of this cultural and procedural evolution emerged the
concepts of Continuous Integration (CI) and Continuous Deployment (CD) together known as
CI/CD.

The Need for CI/CD

The need for CI/CD became apparent as software systems grew more complex and the demand for faster
releases increased. CI/CD addresses the inefficiencies of traditional methods by embracing automation,
immediate feedback, and continuous improvement. In older development models, the delay between writing
code and discovering its issues often spanned weeks or months. CI/CD eliminates this by integrating code
changes into the main branch frequently—sometimes multiple times a day—and automatically building and
testing these changes.

CI/CD mitigates the integration problems of the past by making integration a continuous process rather than a
phase. By integrating code regularly, developers are less likely to encounter large, complex conflicts, and
when conflicts do arise, they are easier to resolve because they are detected early.

Furthermore, CI/CD enhances feedback speed. Automated testing frameworks ensure that developers receive
immediate feedback on the quality and functionality of their code. This allows issues to be addressed when
they are cheapest and easiest to fix right at the time of development.

The automation of deployment also minimizes human errors. Instead of relying on manual steps to push code
into production, CI/CD pipelines define standardized, repeatable processes that ensure consistency and
reliability across different environments such as development, staging, and production.

Understanding CI/CD

At the core of this modern approach are two main components: Continuous Integration (CI) and Continuous
Deployment (CD).

Continuous Integration (CI) refers to the practice of frequently merging all developers’ working copies to a
shared mainline branch. Each merge or commit triggers an automated build process followed by a suite of
automated tests. The goal of CI is to detect integration issues early and reduce the overhead of big-bang
merges. By integrating often, developers receive instant validation that their changes do not break the existing

Dept. of Information Science and Engineering, AIT 2

Continuous Integration and Continuous Deployment (CI/CD) 2024-25

codebase. This helps maintain a stable baseline and allows the team to move faster without fear of regressions.

CI also encourages the use of automated unit tests, integration tests, code linting, and static code analysis tools.
These checks run every time new code is pushed, ensuring that quality standards are upheld across the
codebase. By shifting testing to the early stages of development, CI helps create a feedback-rich environment
where bugs are caught and resolved quickly.

Continuous Deployment (CD) builds upon CI by automating the process of deploying every validated code
change to production. Once a change passes all automated tests, it is automatically released into the live
environment. This automation eliminates the traditional release process that involved multiple handoffs,
approvals, and manual verifications. CD allows teams to deliver features and fixes to users in a matter of
minutes or hours, rather than days or weeks.

It’s important to note that CD is often used interchangeably with Continuous Delivery, although there is a
subtle difference. Continuous Delivery ensures that every change that passes automated tests is ready for
production deployment but may require manual approval before the final release. This approach strikes a
balance between full automation and human oversight, allowing teams to retain control over when and how
changes are released.

Together, CI and CD form a robust pipeline that supports modern software delivery goals. This pipeline can be
enhanced with additional practices such as Infrastructure as Code (IaC), containerization, and observability,
ensuring that applications are not only delivered quickly but also operate reliably in production environments.

Dept. of Information Science and Engineering, AIT 3

Continuous Integration and Continuous Deployment (CI/CD) 2024-25

CHAPTER -2

LITERATURE SURVEY
[2022] Prevalence of GitOps, DevOps in Fast CI/CD Cycles
In this paper, Saumya Gupta et al. explore the evolution of DevOps practices into GitOps to meet the demands
of faster and more reliable CI/CD cycles. GitOps leverages Git as the single source of truth for both
application code and infrastructure, promoting a declarative approach that simplifies deployment and rollback
operations. The study highlights how containerized applications, particularly in Kubernetes environments,
benefit from this model by improving visibility, security, and automation. Tools such as Flux, Argo CD,
Jenkins X, and Helm are presented as key components in automating deployment pipelines. The
implementation on AWS Elastic Kubernetes Service (EKS) further demonstrates how GitOps workflows
enhance the developer experience by aligning operations with version control practices familiar to software
engineers.

[2023] Implementation of an Agile SDLC CI/CD Pipeline for Managing a SDN VXLAN-EVPN Fabric
Spas Georgiev and Kamelia Nikolova introduce a DevOps-based approach to managing large-scale software-
defined networking (SDN) infrastructures using Agile SDLC principles. The paper presents a CI/CD pipeline
built with GitLab and Ansible to automate the configuration and deployment of a VXLAN-EVPN fabric. The
system integrates Cisco’s Data Center Network Manager (DCNM) as an SDN controller, showcasing how IaC
(Infrastructure as Code) and DevOps tools can be adapted to network engineering. This approach enhances
flexibility, reduces manual errors, and supports modular, automated deployments. By bringing Agile practices
to network provisioning, the authors demonstrate how the DevOps mindset can be successfully extended
beyond traditional software development into infrastructure management.

[2022] Creating Microservices and Using Infrastructure as Code within the CI/CD for Dynamic
Container Creation
Tomáš Golis, Pavle Đakić, and Valentino Vranić focus on the practical and educational aspects of developing
and deploying microservices within a local Kubernetes environment. Their work demonstrates how CI/CD
pipelines, integrated with tools such as Docker, Helm, and Minikube, can be used to manage dynamic
containerized applications. The study discusses the architecture of microservices, comparing stateless versus
stateful services and synchronous versus asynchronous communication models. It also explores the use of
service mesh architectures for managing inter-service communication. The implementation includes several
specialized microservices that handle login authentication, image building, deployment, and pipeline
generation. This paper provides a comprehensive overview of modern microservice deployment strategies and
their orchestration within CI/CD workflows.

Dept. of Information Science and Engineering, AIT 4

Continuous Integration and Continuous Deployment (CI/CD) 2024-25

[2023] CI/CD Pipeline with Vulnerability Mitigation

Nalini M. K and co-authors build upon the concept of DevSecOps by presenting a CI/CD pipeline
embedded with multiple layers of vulnerability scanning and security validation. Using tools like
SonarQube, Trivy, and Docker Bench, their model automatically scans source code, container
images, and Kubernetes configurations for known vulnerabilities before moving them into
production. The paper emphasizes automation and early detection as key strategies for mitigating
risk. By integrating these checks directly into the CI/CD workflow, the authors ensure continuous
compliance with best security practices. The pipeline also improves traceability and accountability by
documenting vulnerabilities and mitigation actions.

[2022] Secure Development Workflows in CI/CD Pipelines

In this industry-focused paper, Pranshu Bajpai and Adam Lewis address the critical need for integrating
security into CI/CD pipelines, a practice commonly referred to as DevSecOps. The authors identify various
vulnerabilities inherent in modern development workflows, such as code injection, misconfigurations, and
insecure dependencies. They propose embedding security checks early in the development lifecycle—
commonly known as “shift-left security.” The paper outlines the use of automated tools for static analysis,
code signing, access control, and artifact verification to ensure the integrity of builds and deployments. Their
work advocates for a security-first approach in DevOps, ensuring that speed and agility do not come at the cost
of system safety.

Dept. of Information Science and Engineering, AIT 5

Continuous Integration and Continuous Deployment (CI/CD) 2024-25

Table 2.1: Summary of Literature Survey

Title of the Problem Author's

Sl NO Results
paper addressed approach/method

Improved
Prevalence of Use GitOps with
Inefficient CI/CD deployment
GitOps, DevOps tools like Flux and
1 in cloud-native speed, rollback
in Fast CI/CD Argo CD in
environments. capability, and
Cycles Kubernetes.
automation.

Implementation
of an Agile Automated,
Ansible and
SDLC CI/CD Manual SDN faster, and
GitLab-based
2 Pipeline for configuration is repeatable
CI/CD integrated
Managing a SDN error-prone and network
with Cisco DCNM.
VXLAN-EVPN slow. deployment.
Fabric
Creating
Microservices
and Using Lack of practical Local Kubernetes Enabled user-
Infrastructure as microservice cluster using driven
3 Code within the CI/CD Minikube, Docker, deployment and
CI/CD for environments for Helm, and CI/CD orchestration of
Dynamic learners. pipelines. microservices.
Container
Creation

Automated
CI/CD Pipeline Deployment of Integrated
security checks
with unscanned SonarQube, Trivy,
4 and reduced
Vulnerability vulnerable code and Docker Bench
vulnerabilities
Mitigation and containers. into CI/CD.
in deployments.

Enhanced
DevSecOps
Secure pipeline
Security gaps in integration with
Development integrity and
5 traditional CI/CD access control,
Workflows in early
pipelines. static analysis, and
CI/CD Pipelines vulnerability
code signing.
detection.

Dept. of Information Science and Engineering, AIT 6

Continuous Integration and Continuous Deployment (CI/CD) 2024-25

CHAPTER - 3

PROBLEM STATEMENT AND OBJECTIVES

3.1 Problem Statement

In traditional software development, organizations faced major challenges in software delivery,
including delays, manual errors, and inconsistent deployments. As technology evolved, businesses
required faster, more reliable, and automated solutions to develop, test, and deploy software.

3.2 Objectives
Automating the Software Development Lifecycle (SDLC)
• Automatically integrates, tests, and deploys code changes.
• Reduces manual intervention across development, staging, and production environments.
• Enables early bug detection through automated testing.
• Ensures consistency across environments.

Improving Software Quality & Code Reliability

• Incorporates unit and integration testing.
• Enforces code quality through static code analysis tools (e.g., SonarQube).
• Supports peer code reviews and linting for cleaner code.

Accelerating Release Frequency & Deployment Speed

• Enables faster and more frequent software releases.
• Minimizes downtime with strategies like blue-green and canary deployments.
• Provides rollback capabilities in case of failures.

Enhancing Security & Compliance

• Integrates security scanning tools (SAST/DAST) early in the pipeline.
• Ensures compliance with standards like ISO 27001, GDPR, HIPAA.
• Manages secrets securely using tools like Vault, AWS Secrets Manager.

Improving Collaboration Between Development & Operations Teams

• Promotes a DevOps culture of shared responsibility.
• Enhances visibility through real-time logging and monitoring.
• Tracks changes via version control systems (e.g., Git).

Dept. of Information Science and Engineering, AIT 7

Continuous Integration and Continuous Deployment (CI/CD) 2024-25

Enabling Scalability & Infrastructure Automation

• Uses Infrastructure as Code (IaC) for environment provisioning.
• Supports containerization and orchestration with Docker and Kubernetes.
• Integrates auto-scaling and load balancing for performance optimization.

Reducing Costs & Operational Overhead

• Automates repetitive tasks to reduce manual labor.
• Optimizes cloud resource usage based on demand.
• Lowers costs by reducing downtime and debugging time.

Dept. of Information Science and Engineering, AIT 8

Continuous Integration and Continuous Deployment (CI/CD) 2024-25

CHAPTER - 4

METHODOLOGY
The diagram follows a modern CI/CD methodology combining automation, quality control, and GitOps-based
deployment. Jenkins orchestrates the continuous integration pipeline, using Maven to build the code and
SonarQube to perform static code analysis. Once quality checks and tests pass, a Docker image is created and
pushed to DockerHub. An image updater tool detects the new image and modifies the Kubernetes manifest files
in the Git repository. Argo CD, a GitOps tool, then automatically syncs the updated manifests to deploy the
application to the Kubernetes cluster.

Fig. 4.1: System Architecture

This architecture diagram illustrates a CI/CD pipeline with integrated code quality checks,
containerization, and GitOps-based deployment using tools like Jenkins, SonarQube, DockerHub, and
Argo CD. Here's a step-by-step explanation:

Source Code & Webhook Trigger

• The process starts with a developer pushing code to a Git repository.
• A webhook notifies Jenkins that a new change has been committed, triggering the pipeline.

Dept. of Information Science and Engineering, AIT 9

Continuous Integration and Continuous Deployment (CI/CD) 2024-25

Jenkins (CI Tool)

• Jenkins orchestrates the CI pipeline.
• It invokes Maven, a build tool, to compile and build the source code.

Build Verification
• Jenkins checks if the Maven build is successful.
• If the build fails, it exits the pipeline and generates a report sent to communication tools like Slack
or email.

Code Quality Check (SonarQube)

• If the build is successful, Jenkins sends the code to SonarQube for static code analysis.
• If SonarQube reports code quality issues, the pipeline exits and sends a report.

Automated Testing
• If SonarQube validation passes, automated tests are executed.
• On failure, the pipeline again exits and sends a report.

Docker Image Creation & Push

• If tests pass, a new Docker image is built and pushed to DockerHub.
• This image contains the application packaged in a container.

Image Updater
• An Image Updater service (like Flux Image Update or a custom script) detects the new image in
DockerHub.
• It updates the Kubernetes manifest files in the Git repository (referred to as the Manifests Repo).

Argo CD (GitOps Deployment)

• Argo CD continuously monitors the Manifests Repo.
• Once it detects a change (updated image version), it automatically syncs and deploys the new
image to the Kubernetes cluster.

4.1 CI/CD Pipeline Workflow

A CI/CD pipeline consists of the following stages:
• Code Commit – Developers push code to a shared repository (e.g., GitHub, GitLab).
• Build Process – Code is compiled and packaged using tools like Maven, Gradle, or Docker.
• Automated Testing – Unit, integration, and security tests run automatically using JUnit,
Selenium.
Dept. of Information Science and Engineering, AIT 10
Continuous Integration and Continuous Deployment (CI/CD) 2024-25

• Artifact Storage – Successfully built code is stored in repositories like Docker Hub, Nexus.
• Deployment – Code is deployed to staging using Jenkins, GitHub Actions, ArgoCD.
• Monitoring & Feedback – Tools like Prometheus, Grafana, and ELK Stack track performance.

4.2 Modern Advancements in CI/CD

• GitOps – Using Git as a single source of truth for infrastructure and deployments.
• AI in CI/CD – Automated failure detection, intelligent rollbacks, and anomaly detection.
• DevSecOps – Integrating security tools like SonarQube and SAST into pipelines.
• Serverless CI/CD – Running pipelines on AWS Lambda, Google Cloud Functions.
• Observability & Monitoring – Implementing Open Telemetry, Prometheus, and Grafana for
deep insights.

4.3 Tools and Techniques in CI/CD

The implementation of CI/CD relies on various tools and technologies that automate different stages of
the software development lifecycle.

Continuous Integration (CI) Tools

• Jenkins – One of the most widely used open-source automation servers that supports
integration with multiple CI/CD tools.
• GitHub Actions – A built-in CI/CD tool for GitHub that automates workflows directly within
repositories.
• GitLab CI/CD – A powerful CI/CD solution integrated with GitLab, offering automated
builds, testing, and deployments.
• CircleCI – A cloud-based CI/CD tool that provides fast and scalable build automation.
• Travis CI – A CI/CD service that integrates directly with GitHub repositories, primarily used for
open-source projects.

Continuous Deployment (CD) Tools

• ArgoCD – A declarative GitOps-based tool used for deploying applications in Kubernetes
environments.
• Spinnaker – A cloud-native CD tool that enables multi-cloud deployments.
• Tekton – A Kubernetes-native CI/CD framework designed for scalable and secure automation.
• FluxCD – A GitOps-based continuous deployment tool that keeps Kubernetes clusters in sync
with Git repositories.

Dept. of Information Science and Engineering, AIT 11

Continuous Integration and Continuous Deployment (CI/CD) 2024-25

Build and Artifact Management Tools

• Maven – A build automation tool used primarily for Java projects.
• Gradle – A build tool that provides flexibility and high performance for large-scale projects.
• Docker – A containerization technology that allows applications to be packaged along with
their dependencies.
• JFrog Artifactory – A universal artifact repository that stores and manages software packages.
Testing and Quality Assurance Tools
• JUnit – A widely used testing framework for Java applications.
• Selenium – A tool for automating web browser testing.
• SonarQube – A code quality and security analysis tool that detects vulnerabilities.
• Postman – Used for API testing and automated validation of API responses.
Monitoring and Logging Tools
• Prometheus – A monitoring tool that collects and stores time-series data for application
performance tracking.
• Grafana – A visualization tool used to create real-time dashboards based on metrics collected by
Prometheus.
• ELK Stack (Elasticsearch, Logstash, Kibana) – A centralized logging solution used to
monitor and analyze application logs.
Security and Compliance in CI/CD (DevSecOps)
• Trivy – A security scanner that detects vulnerabilities in container images.
• Snyk – A tool used for scanning and fixing security vulnerabilities in dependencies.
• Vault (HashiCorp) – A tool for managing and securing secrets, API keys, and credentials in
CI/CD pipelines.

4.4 Automated Testing

• Various testing techniques ensure software reliability before deployment.
• Unit Testing verifies individual components.
• Integration Testing checks communication between modules.
Example Process:
• The CI/CD pipeline executes a test suite after a successful build.
• If all tests pass, the pipeline proceeds to the next stage.
• If a test fails, the pipeline stops and notifies the developer.

Dept. of Information Science and Engineering, AIT 12

Continuous Integration and Continuous Deployment (CI/CD) 2024-25

4.5 Artifact Management

• Successful builds generate deployable artifacts (JAR, WAR, Docker images).
• These artifacts are stored in a repository for versioning and future deployments.
Tools Used: JFrog Artifactory, Nexus Repository, AWS S3
Example Process:
1. The build generates a .jar or .war file.
2. The artifact is pushed to Artifactory or Docker Hub for storage.
3. The deployment process pulls the latest artifact for release.

4.6 Continuous Deployment (CD)

• Involves deploying software to staging or production environments automatically.
• Kubernetes-based deployment ensures scalability and high availability.
• Blue-Green and Canary deployments prevent downtime.
Tools Used: ArgoCD, Spinnaker, Kubernetes, Terraform, Ansible
Example Process:
1. ArgoCD pulls the latest artifact from the repository.
2. Kubernetes applies the deployment configuration.
3. The application is updated with zero downtime.

4.7 Monitoring and Feedback Loop

• Continuous monitoring ensures application performance, reliability, and security.
• Logging tools track system behavior and detect issues in real time.
• Automated alerts notify developers about failures or performance degradation.
Tools Used: Prometheus, Grafana, ELK Stack (Elasticsearch, Logstash, Kibana)
Example Process:
1. Prometheus collects real-time application metrics.
2. Grafana visualizes performance data through dashboards.
3. Alerts are triggered if CPU usage, memory consumption, or response time exceed thresholds.

4.8 Advanced Enhancements to CI/CD Methodology

To improve CI/CD pipelines, advanced DevOps techniques are used:
Infrastructure as Code (IaC)
• Tools like Terraform and Ansible automate infrastructure provisioning.
• Kubernetes manifests or Helm charts define declarative deployments.

Dept. of Information Science and Engineering, AIT 13

Continuous Integration and Continuous Deployment (CI/CD) 2024-25

Serverless CI/CD
• Serverless applications use AWS Lambda, Google Cloud Functions to deploy functions instead
of VMs.
• GitHub Actions and AWS CodePipeline automate deployment workflows.

AI-Powered CI/CD Pipelines

• AI-driven anomaly detection improves security and reliability.
• Machine Learning models predict deployment failures before they happen.
Example:
• GitHub Copilot suggests optimized CI/CD scripts.
• AI-based log analysis detects unusual patterns in deployments.

4.9 Deployment Strategies

Different deployment strategies are used depending on project requirements:

Rolling Deployment
• Gradually replaces old instances with new ones without downtime.
• Ensures a smooth transition but may take longer to complete.
• Used in cloud-native applications and Kubernetes environments.

Blue-Green Deployment
• Two identical environments (blue and green) are maintained.
• Traffic is switched from the current to the new environment once testing is complete.
• Enables instant rollback if issues arise.

Canary Deployment
• Releases updates to a small subset of users first.
• Monitors performance before rolling out changes to the entire system.
• Ideal for risk-sensitive applications (e.g., banking, healthcare).

A/B Testing Deployment

• Runs two versions of the application for different user groups.
• Collects user feedback and analytics before finalizing the deployment.
• Commonly used in UI/UX improvements and feature testing.

Recreate Deployment
• Shuts down the old version before deploying the new one.
• Results in downtime but ensures a clean deployment.
Dept. of Information Science and Engineering, AIT 14
Continuous Integration and Continuous Deployment (CI/CD) 2024-25

CONCLUSION

The CI/CD (Continuous Integration and Continuous Deployment/Delivery) pipeline has transformed
modern software development, enabling faster and more reliable releases. By automating code
integration, testing, and deployment, CI/CD minimizes human intervention, reduces errors, and
accelerates software delivery cycles.

One of the most significant advancements in CI/CD is its integration with cloud-native technologies,
containerization (Docker, Kubernetes), and Infrastructure as Code (Terraform, Ansible). These
technologies provide a scalable and flexible environment for deploying applications efficiently across
different platforms.

Another key evolution is the adoption of AI and machine learning in CI/CD pipelines, which helps in
automated testing, anomaly detection, and predictive analytics. This reduces failures, optimizes
resource utilization, and enhances software quality.

Additionally, DevSecOps is becoming an essential part of modern CI/CD pipelines, ensuring security
is integrated throughout the development lifecycle. Tools like SonarQube, Snyk, and Trivy help in
early vulnerability detection, making applications more secure.

Another key benefit of CI/CD is its role in fostering a DevOps culture, promoting collaboration
between development, operations, and security teams. The adoption of Infrastructure as Code (IaC),
containerization (Docker, Kubernetes), and cloud-native technologies has further enhanced CI/CD
capabilities, making it a fundamental practice in modern IT organizations.

As businesses continue to evolve, CI/CD will play an increasingly critical role in maintaining
software agility, scalability, and security. Organizations that implement effective CI/CD pipelines
can accelerate innovation, reduce operational costs, and enhance customer satisfaction. With ongoing
advancements in AI-driven automation, GitOps, and security-focused DevOps (DevSecOps), the
future of CI/CD looks even more promising, ensuring faster, smarter, and more resilient software
delivery.

Dept. of Information Science and Engineering, AIT 15

Continuous Integration and Continuous Deployment (CI/CD) 2024-25

REFERENCES

[1] S. Gupta, M. Bhatia, M. Memoria and P. Manani, "Prevalence of GitOps, DevOps in Fast CI/CD
Cycles," 2022 International Conference on Machine Learning, Big Data, Cloud and Parallel
Computing (COM-IT-CON), Faridabad, India, 2022, pp. 589-596, doi: 10.1109/COM-IT-
CON54601.2022.9850786.

[2] S. Georgiev and K. Nikolova, "Implementation of an Agile SDLC CI/CD pipeline for managing a
SDN VXLAN-EVPN fabric," 2023 31st National Conference with International Participation
(TELECOM), Sofia, Bulgaria, 2023, pp. 1-4, doi: 10.1109/TELECOM59629.2023.10409668.

[3] T. Golis, P. Dakić and V. Vranić, "Creating Microservices and using infrastructure as code within
the CI/CD for dynamic container creation," 2022 IEEE 16th International Scientific Conference
on Informatics (Informatics), Poprad, Slovakia, 2022, pp. 114-119, doi:
10.1109/Informatics57926.2022.10083442.

[4] N. M K, M. B S, N. Khandelwal, N. Pai and S. L, "CI/CD Pipeline with Vulnerability

Mitigation," 2023 International Conference on Recent Advances in Science and Engineering
Technology (ICRASET), B G NAGARA, India, 2023, pp. 1-6, doi: 10.1109/ICRASET59632
.2023.10419921.

[5] P. Bajpai and A. Lewis, "Secure Development Workflows in CI/CD Pipelines," 2022 IEEE
Secure Development Conference (SecDev), Atlanta, GA, USA, 2022, pp. 65-66, doi:
10.1109/SecDev53368.2022.00024.

Dept. of Information Science and Engineering, AIT 16