International Journal of Advanced Research in Computer and Communication Engineering

Abstract: Modern web applications demand rapid releases, consistent deployments, and strong security practices. Manual build and deployment approaches often lead to configuration drift, delayed delivery, and increased chances of human error. This paper presents the design and implementation of a CI/CD pipeline for a MERN-based e-commerce application using Jenkins and AWS, enhanced with DevSecOps practices. The proposed pipeline automates the complete workflow from source code integration to containerized deployment. It includes static code quality validation using SonarQube, vulnerability assessment using Trivy, container image packaging using Docker, private image management through AWS Elastic Container Registry (ECR), and deployment to AWS EC2. Additionally, monitoring and observability are improved using AWS CloudWatch and alerting mechanisms through Slack notifications. The implementation ensures faster and repeatable deployments, improved code reliability, and early identification of security issues, making the system suitable for real-world production workflows..

Keywords: CI/CD, DevOps, DevSecOps, Jenkins, Docker, SonarQube, Trivy, AWS EC2, AWS ECR, CloudWatch, MERN Stack, E-Commerce

Downloads: | DOI: 10.17148/IJARCCE.2026.151124