This paper presents the design and implementation of a comprehensive DevSecOps CI/CD pipeline for a 3-tier web application comprising a React.js frontend, Node.js backend API, and MySQL database. The pipeline is built using Jenkins as the automation engine and integrates multi-layer security tooling including GitLeaks for secret detection, SonarQube for Static Application Security Testing (SAST), and Trivy for filesystem and container image vulnerability scanning. A manual production approval gate ensures human oversight before deployment. The application is containerized using Docker and deployed to Amazon EKS (Elastic Kubernetes Service) on AWS in the ap-south-1 region using Kubernetes manifests for all three tiers. Slack notifications provide real-time pipeline visibility. The study demonstrates that integrating security at every stage of the CI/CD pipeline — the shift-left security model — significantly reduces the risk of credential leakage, dependency vulnerabilities, and container misconfigurations reaching production. The complete implementation is publicly available at https://github.com/jatin8318/DevSecOps-CI-CD-Pipeline-for-a-3-Tier-Web-Application
Navneet Yadav (Fri,) studied this question.