公开(公告)号：US11328065B1

公开(公告)日：2022-05-10

申请号：US16523797

申请日：2019-07-26

Applicant: Stripe, Inc.

Inventor： Jonathan Wall ,  Andy Reitz ,  Ed Flanagan

IPC: G06F9/44 ,  G06F21/57 ,  G06F8/36 ,  G06F8/70 ,  H04L9/32 ,  G06F8/60

Abstract: Architectures, systems and methods for building trusted and secure artifacts are disclosed. In one embodiment, the method comprises: receiving inputs including one or more instances of software code; verifying trustworthiness of the one or more inputs; creating software code using a forward immutable continuous integration (CI) pipeline having a plurality of stages with forward immutability between consecutive pipeline stages to receive the one or more inputs verified as trustworthy and to build and test one or more containers associated with the one or more inputs, wherein each subsequent stage after a first stage of the pipeline depends on an immutable output of an immediately preceding stage in the pipeline, and further wherein the pipeline includes an emission stage for outputting signed, trusted software code from the pipeline; and storing signed, trusted software code in a repository for deployment, the repository only accepting signed software code for deployment.