From the course: DevOps Foundations: Accelerating Continuous Delivery in the Enterprise

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Compliance visibility and control

Compliance visibility and control - Jenkins Tutorial

From the course: DevOps Foundations: Accelerating Continuous Delivery in the Enterprise

Start my 1-month free trial

Compliance visibility and control

- [Instructor] There are multiple reasons why a fast and safe pipeline supports compliance needs in an enterprise. Even if you're not part of a highly regulated industry, there are likely still regulations you need to comply with, such as data privacy laws. Since actions are usually logged by the pipeline tools, we are able to determine things like which changes were made by who and when were they released to production. We should also be able to trace back artifacts in production all the way back to the code changes that generated them. For example, if we detect a vulnerability in production due to an external library we're using, we can trace back to find out when was that library version introduced or updated. These are the sort of auditing capabilities we get almost for free when we ensure the pipeline is the only channel to production and that all changes start in version control. But there's a lot more we can do.…

Contents