It is our pleasure to share the Continuous Delivery Foundation 2025 Annual Report which aims to highlight the achievements and main initiatives driven by our community and open source projects. The report captures some of the key steps our community took to make Continuous Delivery accessible and drive the future of software delivery.
Projects
The seven CDF open source projects have been hard at work. Every quarter, projects share updates with the community: March 2025, June 2025, October 2025.
Here are their key highlights for this year:
CDEvents
- v0.5.0 released (view project on GitHub)
- New sub-project: Conduit, which an Event-Driven SDLC Workflow Orchestration
- Working with the DORA community to make it possible to generate DORA metrics from CDEvents
Jenkins
- User interface redesigned with improved navigation and layout
- Obsolete YahooUI library removed
- Java 25 supported in addition to Java 17 and Java 21
- Google Summer of Code 2025 successfully completed 5 Jenkins projects
Jenkins X
- Project renamed: to reduce confusion the Jenkins X project has dropped “Jenkins” from the name and is now called JayeX. This change is in progress.
- JayeX now bundles with the latest LTS release of Tekton Pipelines (currently 1.6.0), making a lot of new functionality available.
Ortelius
Ortelius.io continues to expand its role within the Continuous Delivery Foundation through community programs that strengthen education, workforce readiness, and secure supply-chain practices driven from CI/CD.
- The Ortelius Jobseekers Series, held in early 2025, provided practical, hands-on guidance for developers and platform engineers looking to build skills in SBOMs, deployment metadata, and modern DevSecOps techniques, offering an accessible pathway into the evolving software supply-chain security ecosystem.
- In May, the community hosted SecureChainCon, a dedicated event focused on the future of continuous delivery and post-deployment security, bringing practitioners together to advance open, interoperable approaches to protecting production environments.
- In December, we held our holiday event where Jing Chen became the first woman to receive the coveted Gold Legend Award. To support the adoption of Ortelius, the team has undertaken a redesign of its core architecture to simplify onboarding, streamline integration workflows, and making its deployment digital-twin model easier for organizations to deploy and operationalize across diverse environments.
- And finally in November, Ortelius was introduced to the Space Force SDA Taps Lab to help bring cybersecurity to the space domain. More on this topic in 2026.
Screwdriver
- Added support for git sparse clone for improved performance of large repositories
- Reworked metadata processing to ensure consistency
- Added configurable timestamps for downloaded build logs
- Reworked build resource queue design for improved performance and stability
Spinnaker
Monorepo Migration and Date-Based Versioning: Spinnaker completed a migration to a monorepo and adopted a date-based release strategy in 2025. This improves development consistency, simplifies releases, and provides a clearer, more predictable versioning model for users and contributors.
Read-Only Support for Pipeline Operations: Read-only database support was expanded across pipeline APIs and the Orca execution engine. This allows operators to better distribute database load in high-scale environments, improving performance and overall system resilience.
Pipeline Management and Automation Improvements: New bulk pipeline update APIs and automation for identifying and disabling unused pipelines make it easier to manage large numbers of pipelines. These enhancements help teams keep pipeline configurations clean and maintainable over time.
Improved Pipeline Retry Behavior: Configurable backoff periods for pipeline retries were introduced, giving users more control over execution behavior and improving reliability when handling transient failures.
Continued Dependency Modernization and Performance Work: Ongoing work in 2025 focused on modernizing core dependencies, including AWS SDK v2 and Spring Boot 3, alongside performance improvements such as enabling external storage of large pipeline data. These efforts strengthen Spinnaker’s long-term stability and scalability.
Tekton
- Tekton Pipelines v1.0 was released
- FIPS support was implemented for Tekton Pipelines
- New projects where added:
- Tekton Pruner, to manage the lifecycle of Tekton resources
- Pipeline as Code, an opinionated CI/CD solution built on Tekton
- MCP Server
- The CI costs were reduced by almost 70%
- The CI system was migrated to new infrastructure
Hacktoberfest and GSoC
The CD Foundation’s projects participated in Hacktoberfest for the sixth year in a row and the Jenkins project was Google Summer of Code mentor organization once again in 2025 for their ninth year.
If your organization would like to apply to be a GSoC Mentor Organization, check out our Step-by-step Guide.
Members
Members
Thank you to our 16 members for their continuous support this year. Become a member to help us improve the world’s ability to deliver software with security and speed.
Community
Ambassadors
The 2025 CDF Ambassador cohort was announced in June! Thank you to the community for its continued support in spreading the word about the CD Foundation and the overwhelming number of ambassador applications.
Awards
At cdCon 2025 in June, we hosted the annual CDF Community Awards ceremony.
Elections & Committees
This year, the community re-elected some seats on our various CDF Committees. Each election had way more candidates than the number of available seats.
Continuous Spotlight
The Continuous Spotlight features our wonderful community members.
Here are the spotlights from 2025:
New Initiatives
In January 2025, we launched two new initiatives that have been vibrant and active groups throughout the year.
DataOps Intitiative
The DataOps Initiative is a forum and gathering place for experts across DevOps, Data Engineering, and Machine Learning (ML) fields to exchange ideas and create DataOps resources and best practices. View their blog posts and workshops.
CI/CD Cybersecurity SIG
The CI/CD Cybersecurity Special Interest Group (SIG) aims to address cybersecurity challenges by advancing security tooling within CI/CD pipelines. This first year, the group published an open CI/CD Cybersecurity Guide.
Training & Certification
In partnership with the Cloud Native Computing Foundation (CNCF) and Linus Foundation Training and Certification, we launched the Certified GitOps Associate (CGOA) Certification in 2024.
The Certified GitOps Associate (CGOA) exam allows candidates to demonstrate their understanding of GitOps principles, terminology, and best practices in setting up a GitOps managed software system in addition to related practices such as Configuration as Code, Infrastructure as Code, DevOps & DevSecOps, and CI & CD and how to map them to GitOps.
Take this 6-month training to build the hands-on skills today’s cloud native teams rely on – CI/CD, GitOps, DevSecOps, Kubernetes automation, workflow orchestration, and more with the DevOps & GitOps IT Professional Program.
It includes, DevOps and SRE Fundementals, Jenkins, Argo CD, the CGOA mentioned above and how to implement DevSecOps.
Events & Outreach
cdCon 2025
June 23–25 | Denver, Colorado
The sixth annual cdCon was a huge success. It was co-located with Open Source Summit North America in June, in Denver Colorado. The content and speakers were excellent and the audience was engaged and abundant. Over 168 people registered for our track specifically and often filled the room.
Watch the recordings | Read the Wrap-up
🏆 cdCon is a Best DevOps Event of the Year finalist!
Community Organized Events
FOSDEM CD & Testing Devroom
February 1 | Brussels, Belgium
Archive | 2026 Devroom
SecureChainCon
May 16 | Virtual
Watch recordings
Jenkins Contributor Summit
January 31 | Brussels, Belgium
Kerala October Meetup
October 4 | Kerala, India
Continuous Delivery Workshop Series
One of the CDF community initiatives is the Continuous Delivery Workshops. It’s run by the community, for the community.
We hosted two new workshops this year. Click on the images to watch the recording
Techstrong.TV
Since 2022, we’ve been collaborating with Techstrong to host The CD Pipeline – Continuously Delivering Software from A to Z which spotlights all aspects of Continuous Delivery as we interview community thought leaders about different technologies, open source, best practices, and future trends. Key topics include Continuous Delivery events, interoperability, software supply chain, and more.
This year, we recorded that last two episodes. Thank you Techstrong.TV for hosting this great series!
Publications
CDF User Story
Read the latest CDF User Story. Scaling Up: Orchestrating CI/CD in a Large Organization. Andrew and Brett shared how SAS improved their software release process to ship faster and more often.
Previous Stories
- Fidelity Investments: Securing Fidelity Investments’ Software Supply Chain: A Platform Approach to Enhancing Continuous Delivery Security Practices
- Ericsson: Developing Complete End-to-End CI/CD Pipelines at Ericsson
- Autodesk: Streamlining Global Continuous Delivery: The Impact of Developer Relations Automation at Autodesk
Blog Posts
In collaboration with our community, we published several blog posts touching on the different aspects of CD, including DataOps, Cybersecurity, AI and more.
- Introducing CI/CD Cybersecurity Special Interest Group (SIG) for the Continuous Delivery Foundation
- Announcing the CDF’s DataOps Initiative
- Getting Started with CDEvents: Tracking DORA Metrics
- How it works: SAS Open Source Event Provenance Registry (EPR)
- DataOps Engineers Explore MCP and A2A
- CDEvents Presented at DORA Community Meeting | Recording
- Enlightenment 2.0: LLMs are the New Cybersecurity Plague
- Tekton Pipelines Reaches 1.0: Stability Today, Innovation Tomorrow
- Refreshed Jenkins Design in 2.516.1 | Recording
- How to Shift from Fixed to On-Demand Release Cadence
- The Agentic Layer: Why the Middle of the Cake Matters in AI-Driven Delivery
- Engineering Trust in AI-Native CI/CD: A Three‑Panel Deep Dive with CDF Ambassadors
- A Cybersecurity Guide to Seamless DevSecOps
- GSoC Mentor Organizations | Application Guide
- The Ingredients of the Cake: Recipes for Sustainable AI Delivery
- Why Be a Member of an Open Source Foundation?
- The DORA 4 key metrics become 5
- cdCon Finalist in 2025 DevOps Dozen Award
- The Road to InfoOps
- Shai-Hulud 2.0 is a wake-up call
Panels and Interviews
We hosted a few panels and interviews this year. Watch the recordings
Thank you!
We hope you enjoyed reflecting on all the great things we accomplished together in 2025. Your comments and feedback are welcome at info@cd.foundation
Next Year
See you in 2026
We look forward to seeing you all on May 18–20 for cdCon 2026, taking place in Minneapolis, Minnesota on, as part of Open Source Summit North America. The call for proposals is open and will close on February 8. Submit a talk
