Building a Continuously Integrating System with High Safety

Volume 15, Number 4

Building a Continuously Integrating System with High Safety

Authors

Tuan Nguyen Kim¹, Ha Nguyen Hoang² and Vy Huynh Trieu³, ¹Duy Tan University, Viet Nam, ²Hue University, Vietnam, ³Phạm Van Dong University, Viet Nam

Abstract

In this paper, we propose and implement an internal continuous integration system, based on two opensource tools Jenkins and GitLab, taking into account the safety factor for servers in the system. In the proposed system, we use a combination of firewall function and reverse proxy function to protect Jenkins server itself and reduce the risk of this server against attacks on the CVE-2021-44228 security vulnerability, may exist in plugins of Jenkins. This system is highly practical, and it can be applied to immediately protect service servers when a vulnerability in it has been discovered but the corresponding patch has not been found or the condition to update the patch is not allowed yet.

Keywords

Continuous Integration, Continuous Delivery, CI/CD, CVE-2021-44228, Firewalls, Jenkins, Gitlab