Score
A deployment pattern that treats Git as the single source of truth for infrastructure and application manifests, enabling automated reconciliation of desired state to clusters (typically Kubernetes) via controllers; common tooling includes Argo CD and Flux, Helm/Kustomize manifests, and automated pull-request-driven delivery with observability and drift detection.
In cross-organizational, cross-domain, and offline distributed entity collaboration, existing API- and message-broker-based approaches struggle to simultaneously ensure auditability, loose coupling, and participant autonomy. Method: This paper proposes a GitOps-based coordination model that uses Git as a shared state repository, leverages Kubernetes-style Custom Resource Definitions (CRDs) with declarative spec/status fields to represent desired and observed states, and integrates cryptographic commit signing, fine-grained access control, and Operator-driven automated synchronization. Contribution/Results: The model extends GitOps beyond intra-cluster operations to inter-organizational coordination, natively supporting version traceability, operational auditing, and state reproducibility. Experiments demonstrate significant improvements over RESTful APIs and message middleware in transparency, auditability, offline fault tolerance, and operational observability—while preserving participant autonomy and system decoupling.
This study addresses operational inefficiencies, poor auditability, and upgrade challenges in legacy control systems of large-scale scientific facilities—such as CERN, Diamond Light Source, and Fermilab’s ACORN project. We propose a GitOps-based modernization framework that adopts Git as the single source of truth for declarative configurations and tightly integrates containerization, Infrastructure-as-Code (IaC), and cloud-native principles to establish an automated, traceable, and version-controlled control infrastructure. Notably, this work represents the first systematic integration of modern data pipelines and AI/ML capabilities into accelerator science control systems, enabling automated configuration deployment, closed-loop runtime telemetry, and intelligent anomaly detection. Empirical evaluation demonstrates significant improvements in system reliability, maintainability, and regulatory audit compliance. The approach provides a reusable technical paradigm and engineering framework for the digital transformation of big-science facilities.
This study addresses the deployment latency caused by delayed detection of newly pushed container images in continuous deployment workflows. To mitigate this issue, the authors construct an end-to-end continuous deployment pipeline based on FluxCD and, for the first time, integrate SyMon into a real-world FluxCD environment to enable runtime monitoring of logs from GitHub Actions, GitHub Container Registry, FluxCD, and Kubernetes applications. Experimental results demonstrate that FluxCD consistently detects new images within 10 minutes, although detection within 5 minutes is not always reliable. SyMon effectively enables near-real-time monitoring, thereby validating its feasibility and practicality in quantifying image detection latency and ensuring timely deployments.
Infrastructure-as-Code (IaC) environments suffer from configuration drift when IaC tools are used alongside cloud consoles, CLIs, or SDKs, leading to state inconsistency and operational risks. To address this, we propose NSync—a novel AI agent system that unifies API log tracing, large language model (LLM)-based intent inference, and a self-evolving knowledge base to automatically detect non-IaC configuration changes and perform semantic-level remediation. NSync identifies configuration deviations by analyzing cloud API call logs, infers high-level operational intent via LLMs, and incrementally refines repair strategies in an iterative knowledge base. It further integrates IaC code generation with automated evaluation pipelines to ensure synchronization accuracy and efficiency. Evaluated on five real-world Terraform projects, NSync achieves a pass@3 accuracy of 0.97—up from 0.71—and reduces token consumption by 47%, significantly enhancing IaC environment consistency and maintainability.
This study systematically reveals the significant impact of network misconfigurations on lateral movement attack risks in Kubernetes clusters. Addressing the limited coverage of existing detection tools, we propose a security assessment framework that integrates static configuration analysis with lateral movement path modeling. We conduct a large-scale, cross-organizational empirical study across 287 open-source applications, identifying— for the first time—634 real-world network misconfiguration vulnerabilities, far exceeding the detection capacity of mainstream tools. Our findings have driven remediation efforts in over 30 critical open-source projects; the proposed mitigation strategies have been adopted by multiple enterprises, substantially enhancing network isolation and overall security posture in production Kubernetes deployments.
This study addresses the significant inconsistencies among current Kubernetes security hardening guidelines and configuration scanning tools in terms of recommendation coverage and risk scoring, which hinder effective security configuration decisions. The authors systematically analyze eight widely adopted hardening guides to derive a unified benchmark of 79 configuration recommendations and conduct a structured empirical evaluation of ten static scanning tools. For the first time, they establish a standardized framework for assessing Kubernetes configuration security. Their findings reveal substantial discrepancies in both coverage and risk assessment across existing guidelines and tools, underscoring the urgent need for a transparent and consistent security evaluation methodology. This work provides the community with a reproducible benchmark and actionable criteria for tool selection and policy alignment.
This work addresses the challenge of modeling and governing user journey reliability in microservice systems, an emergent property that existing SLO-as-code approaches fail to capture effectively, leading to misalignment between intended objectives and actual system behavior. To bridge this gap, the paper introduces Emergence-as-Code (EmaC), a novel framework that formalizes journey reliability as declarative, verifiable, and executable code specifications. By integrating distributed tracing, traffic analysis, and runtime model synthesis, EmaC automatically infers journey-level SLOs and their error budgets, then leverages an SLO compiler to generate corresponding control-plane artifacts. Embedded within GitOps workflows, EmaC enables auditable, autonomous governance mechanisms—such as burn rate alerts and release gates—to achieve computable, closed-loop management of end-to-end reliability.
This work addresses the absence of Git-like data versioning in existing lakehouse architectures, which hinders collaborative development among multiple agents and human-in-the-loop review workflows. To bridge this gap, the paper introduces Git semantics into lakehouse systems by extending Apache Iceberg to support lakehouse-wide commits, branches, and merges—elevating single-table snapshots to a unified versioning model. This enables agents to operate on isolated branches while ensuring atomic, cross-table changes during release. The core abstractions are formally modeled and verified using Alloy to guarantee semantic correctness. The proposed system has been deployed in production, demonstrating the feasibility and effectiveness of the collaborative workflow it enables.
This study addresses the lack of systematic understanding in the configuration and maintenance of CI/CD caching, which imposes a significant burden on developers despite its benefits for build efficiency. Through a large-scale empirical analysis of 952 repositories on GitHub Actions—encompassing 1,556 workflow files and over ten thousand cache-related changes—the authors employ code mining, configuration analysis, commit tracing, and statistical modeling to uncover real-world caching practices, evolutionary patterns, and human-bot collaboration in maintenance. The findings reveal that cache adopters are more active, caching strategies are diverse and frequently adjusted, and build- and test-related tasks evolve rapidly. Manual interventions primarily address misconfigurations, whereas version upgrades are predominantly automated by bots. The work quantifies the maintenance overhead of caching and provides empirical foundations for improving developer tooling.
Enterprise cloud environments are frequently exposed to security threats due to misconfigurations, excessive permissions, and fragmented security tooling, compounded by the absence of unified, coordinated protection across Kubernetes, OpenStack, and Infrastructure-as-Code (IaC) platforms. This work proposes the first open-source microservices-based security framework that uniquely integrates identity governance, multi-platform configuration auditing, runtime threat detection, and automated IaC remediation into a single closed-loop system. Designed with standardized REST/gRPC interfaces and scalable for medium-to-large deployments, the framework synergistically combines Falco, ELK, Terraform, Checkov, and OPA. In enterprise evaluations, it reduced vulnerability assessment time from 120 to 18 minutes, achieved a false positive rate below 5%, decreased security incidents by 62%, and lowered operational costs by approximately 40%, all while being released under the Apache 2.0 license.