CPC G06Q 10/06313 (2013.01) [G06F 8/22 (2013.01); G06F 8/60 (2013.01)]
22 Claims
1. A method for continuous integration and deployment (CI/CD) in association with an enterprise application in a computing environment, comprising:
in association with a sequence of automated stages comprising a CI/CD pipeline, and prior to a next deployment of the enterprise application, the enterprise application comprising code that passes through the sequence of automated stages during its development:
discovering one or more software supply chain artifacts associated with the pipeline;
for at least one software supply chain artifact, discovering one or more tasks responsible for handling the software supply chain artifact, together with any associated dependencies;
retrieving a compliance policy associated with a development side of the computing environment;
registering the discovered software supply chain artifact, the one or more tasks, and the one or more associated dependencies with the compliance policy; and
within the development side of the computing environment, and based on at least one of the discovered software supply chain artifact, the one or more tasks, and the one or more associated dependencies, updating one or more values associated with one or more policy check parameters associated with the compliance policy, wherein the one or more values associated with one or more policy check parameters are updated in an automated manner using pre-defined or pre-configured values; and
thereafter, deploying the enterprise application in a production environment.