Integrating scientific single-page applications with DevSecOps

IF 6.2 2区计算机科学 Q1 COMPUTER SCIENCE, THEORY & METHODS

Future Generation Computer Systems-The International Journal of Escience Pub Date : 2024-12-31 DOI:10.1016/j.future.2024.107695

Lance Drane, Marshall McDonnell, Randall Petras, Cody Stiner, Arthur J. Ruckman, Gavin M. Wiggins, Gregory Cage, Robert Smith, Seth Hitefield, Jesse McGaha, Andrew Ayres, Mike Brim, Richard Archibald, Addi Malviya-Thakur

{"title":"Integrating scientific single-page applications with DevSecOps","authors":"Lance Drane, Marshall McDonnell, Randall Petras, Cody Stiner, Arthur J. Ruckman, Gavin M. Wiggins, Gregory Cage, Robert Smith, Seth Hitefield, Jesse McGaha, Andrew Ayres, Mike Brim, Richard Archibald, Addi Malviya-Thakur","doi":"10.1016/j.future.2024.107695","DOIUrl":null,"url":null,"abstract":"<div><div>In the rapidly evolving field of frontend development, Single-Page Applications (SPAs) stand out for their ability to create dynamic and interactive web applications, particularly valuable in scientific software for their real-time data integration and complex workflow management. However, the process of creating a single-page web application development environment that accurately reflects the production environment isn’t always straightforward. Most SPA build systems assume configuration at build time, while DevSecOps engineers prefer runtime configuration. This paper proposes a unique, framework-agnostic methodology designed to bridge this divide, facilitating the seamless integration of SPAs within the DevSecOps framework without necessitating expertise in both domains. Leveraging environmental variables, Docker, and a strategic approach to Content Security Policy (CSP), we provide a comprehensive guide for developing, deploying, and securing SPAs in a manner that is both efficient and secure. Applying this method to the INTERSECT and Smart Spectral Matching platforms, we demonstrate its effectiveness in enhancing both the development process and the user experience in scientific applications, thereby addressing the complex challenges faced by research software engineers in the current landscape.</div></div>","PeriodicalId":55132,"journal":{"name":"Future Generation Computer Systems-The International Journal of Escience","volume":"166 ","pages":"Article 107695"},"PeriodicalIF":6.2000,"publicationDate":"2024-12-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Future Generation Computer Systems-The International Journal of Escience","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167739X24006599","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

Abstract

In the rapidly evolving field of frontend development, Single-Page Applications (SPAs) stand out for their ability to create dynamic and interactive web applications, particularly valuable in scientific software for their real-time data integration and complex workflow management. However, the process of creating a single-page web application development environment that accurately reflects the production environment isn’t always straightforward. Most SPA build systems assume configuration at build time, while DevSecOps engineers prefer runtime configuration. This paper proposes a unique, framework-agnostic methodology designed to bridge this divide, facilitating the seamless integration of SPAs within the DevSecOps framework without necessitating expertise in both domains. Leveraging environmental variables, Docker, and a strategic approach to Content Security Policy (CSP), we provide a comprehensive guide for developing, deploying, and securing SPAs in a manner that is both efficient and secure. Applying this method to the INTERSECT and Smart Spectral Matching platforms, we demonstrate its effectiveness in enhancing both the development process and the user experience in scientific applications, thereby addressing the complex challenges faced by research software engineers in the current landscape.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Future Generation Computer Systems-The International Journal of Escience 工程技术-计算机：理论方法

CiteScore

19.90

自引率

2.70%

发文量

376

审稿时长

10.6 months

期刊介绍： Computing infrastructures and systems are constantly evolving, resulting in increasingly complex and collaborative scientific applications. To cope with these advancements, there is a growing need for collaborative tools that can effectively map, control, and execute these applications. Furthermore, with the explosion of Big Data, there is a requirement for innovative methods and infrastructures to collect, analyze, and derive meaningful insights from the vast amount of data generated. This necessitates the integration of computational and storage capabilities, databases, sensors, and human collaboration. Future Generation Computer Systems aims to pioneer advancements in distributed systems, collaborative environments, high-performance computing, and Big Data analytics. It strives to stay at the forefront of developments in grids, clouds, and the Internet of Things (IoT) to effectively address the challenges posed by these wide-area, fully distributed sensing and computing systems.