Continuous Integration and Continuous Delivery Framework for SDS

Abstract

Fast and efficient development of software drives the high demand for automation techniques, especially for cloud-based systems trying to implement Software Defined Systems (SDS). The emergence of Continuous Integration/Continuous Delivery (CI/CD) provides a set of steps for building, testing, and deployment of new software in an automated fashion. Consequently, many companies integrate CI/CD pipelines into their platform to automate the development and deployment of new software and applications. Software-Defined Perimeter (SDP) is a new approach to cyber security proposed by the Cloud Security Alliance (CSA) to dynamically secure network services. This is reached utilizing the need-to-know concept where authorization is only granted after strict user verification. SDP framework integrates with cloud-based systems seamlessly. However, the installation, configurations, and management of its components are still manual. This will require a lot of time and resources as the number of protected services increases. Therefore, this paper presents the implementation of the Continuous Integration/Continuous Delivery (CI/CD) pipeline for the open SDP project that automates the installation and deployment of its various components. Specifically, the Open SDP components (i.e., SDP controller and gateway) will be used as a use case to show the use of CI/CD and to secure applications hosted on the OpenShift environment. The OpenShift pipeline operator, based on the Tekton project was adopted as the CI/CD pipeline for this project. The Code Ready Container (CRC) was utilized as the OpenShift cluster, which is then hosted on a server running a Windows OS. Furthermore, the challenges, as well as their solutions to the Open SDP CI/CD pipeline, are presented.