Trusted Software Supply Chain | Securing CI/CD Pipelines with Blockchain | DevSecOps Project

Description

In this video, we demonstrate our university project: a Blockchain-based DevSecOps solution designed to prevent software supply chain attacks. Standard container registries can be compromised, leading to malicious code being deployed into production. Our system solves this by acting as an immutable digital notary. We integrate directly with CI/CD pipelines to calculate the SHA-256 hash of Docker images at build time and store them securely on the Ethereum blockchain. Before deployment, our CD pipeline verifies the image signature against the blockchain registry. If it's tampered with or unrecognized, the deployment is instantly blocked! 🛡️ 💻 Tech Stack Used: Blockchain: Solidity, Hardhat, Ethers.js, Ethereum (Sepolia Testnet), Alchemy Backend (CI/CD Agent): Node.js, Express, Docker CLI Frontend Dashboard: React.js, Tailwind CSS #DevSecOps #Blockchain #Docker #Ethereum #CyberSecurity #Web3 #CI_CD #UniversityProject