From 56250544d901133fabb1e7941a409f3d7b9d7c9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Esteves?= Date: Thu, 26 Sep 2024 15:14:52 +0200 Subject: [PATCH 01/56] Week 6: Presentation Proposal (#2546) --- .../presentation/week6/tmbpe-wenqic/README.md | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 contributions/presentation/week6/tmbpe-wenqic/README.md diff --git a/contributions/presentation/week6/tmbpe-wenqic/README.md b/contributions/presentation/week6/tmbpe-wenqic/README.md new file mode 100644 index 0000000000..2e4abbfd46 --- /dev/null +++ b/contributions/presentation/week6/tmbpe-wenqic/README.md @@ -0,0 +1,30 @@ +# Assignment Proposal + + +## Title + +NixOS: Reproducibility with Flakes and Secrets + +## Names and KTH ID + + - Tomás Esteves(tmbpe@kth.se) + - Wenqi Cao(wenqic@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Presentation + +## Description + +NixOS is a Linux distribution that follows a declarative approach. This allows it to be reproducible. +However by itself NixOS does not allow to lock packages versions and store secrets securely. +In this presentation We will present the `nix flake` feature that permits us to have a config that does not depend on the time at which it was created +and some tools such as `sops-nix` and `agenix` that allow us to store safely secrets. + +**Relevance** + +These features and tools are crucial in DevOps, specially in Dependency Management and DevSecOps. From 1b630afb91017b360138ff67b743297fb46fe349 Mon Sep 17 00:00:00 2001 From: SK <39242670+SKFrozenCloud@users.noreply.github.com> Date: Thu, 26 Sep 2024 15:25:05 +0200 Subject: [PATCH 02/56] week6: demo (#2526) --- .../demo/week6/sinakh-eggestig/README.md | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 contributions/demo/week6/sinakh-eggestig/README.md 
diff --git a/contributions/demo/week6/sinakh-eggestig/README.md b/contributions/demo/week6/sinakh-eggestig/README.md new file mode 100644 index 0000000000..eda0021bdd --- /dev/null +++ b/contributions/demo/week6/sinakh-eggestig/README.md @@ -0,0 +1,28 @@ +# Assignment Proposal + +## Title + +Secure your git and CD pipeline with SOPS. + +## Names and KTH ID + +- Sina Khoraman (sinakh@kth.se) +- Robin Eggestig (eggestig@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Demo + +## Description + +In this assignment we will demonstrate how to securely store sentitive files in git using SOPS: an open-source tool specially created for encrypting and decrypting the values in the configuration files of the software application that is being developed. We will first quickly showcase how passwords stored in configuration files can be a vulnerability. Then, we will quickly deploy SOPS and secure our CD pipeline. Our goal is to showcase how a simple script can greatly improve the security of the delivery process. + +In this demo we aim to demonstrate that the gap between "proper security" (e.g. using Vault and dynamic keys) and "no security" (storing passwords in files) can be filled with minimal effort. + +**Relevance** + +Implementing security mechanisms is itself an entire task. Especially in the starting phase, the focus is always put on functionality and features, and thus, security has a tendency to be left behind. That is at least until the application reaches a certain level of maturity where proper security becomes less of a feature and more of a requirement. But, until that happens, a lot of software is left defenseless in the face of potential attackers. Thus, even minimal security, such as encrypting the passwords in configuration files, can make a huge difference. It is then important that developers are at least aware of the potential solutions that could be implemented "in the meantime". From fa2919c8225fa11940af50a98422442bfad3803f Mon Sep 17 00:00:00 2001 
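Review bot: typo in the first sentence of the Description in contributions/demo/week6/sinakh-eggestig/README.md: "sentitive files" should be "sensitive files". The Description says the demo will "quickly deploy SOPS and secure our CD pipeline" but never says where the key that SOPS decrypts with will be kept in that pipeline; one sentence on that would make the scope of the demo clear, since the proposal's own argument is about moving secrets out of plain files.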
From: Quang M Nguyen <81567595+bepp-boop@users.noreply.github.com> Date: Thu, 26 Sep 2024 15:27:02 +0200 Subject: [PATCH 03/56] Executable Tutorial Proposal (#2540) * Feedback Proposal * executable tutorial * delete * Fix format --- .../executable-tutorial/mqnguyen/README.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 contributions/executable-tutorial/mqnguyen/README.md diff --git a/contributions/executable-tutorial/mqnguyen/README.md b/contributions/executable-tutorial/mqnguyen/README.md new file mode 100644 index 0000000000..0c021b846e --- /dev/null +++ b/contributions/executable-tutorial/mqnguyen/README.md 
@@ -0,0 +1,27 @@ +# Assignment Proposal + +## Title + +Infrastructure as Code with Pulumi +## Names and KTH ID + +- Quang M Nguyen (mqnguyen@kth.se) + +## Deadline + +- Task 3 + +## Category + +- Executable tutorial + +## Description + +This tutorial provides a step-by-step guide on using Pulumi for Infrastructure as Code (IaC) to install, set up, and create/deploy an infrastructure consisting of an NGINX web server and multiple services such as NGINX and Redis using Docker containers. It covers the process of defining and managing infrastructure resources using Pulumi, enabling users to easily provision and manage their infrastructure in a declarative manner. By following this tutorial, users will gain hands-on experience in leveraging Pulumi for DevOps practices in managing their infrastructure. + +**Relevance** + +Infrastructure as Code (IaC) is a fundamental practice in DevOps that allows teams to automate the provisioning and management of infrastructure resources. Pulumi is a modern IaC tool that enables developers to define and manage infrastructure resources using familiar programming languages. By using Pulumi, teams can achieve greater flexibility, consistency, and scalability in managing their infrastructure, aligning with the DevOps goal of automating and streamlining the development and deployment processes. This tutorial aims to introduce users to Pulumi and demonstrate its capabilities in managing infrastructure resources effectively. + +Killercoda: https://killercoda.com/bepp-boop/scenario/pulumi +Github: https://github.com/bepp-boop/KillerCoda \ No newline at end of file From a421988c5c280aa92aa920599e5d8dfa751bd5e0 Mon Sep 17 00:00:00 2001 
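Review bot: the Title section of contributions/executable-tutorial/mqnguyen/README.md runs straight into the next heading: "Infrastructure as Code with Pulumi" is followed by "## Names and KTH ID" with no blank line, unlike every other heading in the file. In the Description, "an NGINX web server and multiple services such as NGINX and Redis" lists NGINX twice; say once what is deployed. The file also ends without a trailing newline ("\ No newline at end of file").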
From: laullaurado <80075476+laullaurado@users.noreply.github.com> Date: Sun, 29 Sep 2024 11:38:19 +0200 Subject: [PATCH 04/56] Scientific Paper Presentation Week 6 (#2550) --- .../week6/lllr-peremr/README.md | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 contributions/scientific-paper/week6/lllr-peremr/README.md diff --git a/contributions/scientific-paper/week6/lllr-peremr/README.md b/contributions/scientific-paper/week6/lllr-peremr/README.md new file mode 100644 index 0000000000..3d2b36115a --- /dev/null +++ b/contributions/scientific-paper/week6/lllr-peremr/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Challenges and solutions when adopting DevSecOps: A systematic review + +## Names and KTH ID + + - Lauren Llauradó (lllr@kth.se) + - Pere Mateu Raventós (peremr@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Scientific paper + +## Description + +We plan to present the paper titled "[Challenges and solutions when adopting DevSecOps: A systematic review](https://doi.org/10.1016/j.infsof.2021.106700)", which provides a structured analysis of the key challenges developers encounter when implementing DevSecOps and outlines the solutions suggested in the literature to address these issues. + +**Relevance** + +It is important to know how to identify and solve challenges in DevSecOps in a systematized way in order to have better practices. \ No newline at end of file From 990002803f3c2507385a5385e34e9df2fd55398d Mon Sep 17 00:00:00 2001 From: Viktor Fornstad <89360115+Flopalot@users.noreply.github.com> Date: Sun, 29 Sep 2024 11:39:47 +0200 Subject: [PATCH 05/56] Week 6: Demo Proposal (#2551) --- .../demo/week6/vikfor-ghenn/README.md | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 contributions/demo/week6/vikfor-ghenn/README.md diff --git a/contributions/demo/week6/vikfor-ghenn/README.md b/contributions/demo/week6/vikfor-ghenn/README.md new file mode 100644 index 0000000000..3a66e3457e 
--- /dev/null +++ b/contributions/demo/week6/vikfor-ghenn/README.md @@ -0,0 +1,31 @@ +# Assignment Proposal + +## Title + +Using Semgrep to find vulnerabilities + +## Names and KTH ID + + - Viktor Fornstad (vikfor@kth.se) + - Gustav Henningsson (ghenn@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Demo + +## Description + +We want to demo the static analysis tool called Semgrep. In the demo we will: +- Connect Semgrep to a Github repo +- Run Semgrep, with the basic rule-set, on the repo +- Show and explain the information given by Semgrep +- Create a custom rule that can be used with Semgrep +We will also explain why it is important to use static analysis tools for DevSecOps. + +**Relevance** + +There are hundreds of different vulnerabilities that exist and it's therefor difficult for your average developer to know of and remember all of them. To know why and how to use static analysis tools to identify vulnerabilities is important to combat this problem. From 26300024fb98c166003d59cccc52371579b49fac Mon Sep 17 00:00:00 2001 From: Ninni Date: Sun, 29 Sep 2024 11:50:54 +0200 Subject: [PATCH 06/56] Scientific Paper Proposal - Week 6 (#2556) * Scientific Paper * Update README.md --- .../week6/hocker-nwijkman/README.md | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 contributions/scientific-paper/week6/hocker-nwijkman/README.md diff --git a/contributions/scientific-paper/week6/hocker-nwijkman/README.md b/contributions/scientific-paper/week6/hocker-nwijkman/README.md new file mode 100644 index 0000000000..e93ddf3933 --- /dev/null +++ b/contributions/scientific-paper/week6/hocker-nwijkman/README.md 
@@ -0,0 +1,28 @@ +# Assignment Proposal + +## Title + +Machine Learning-Based Run-Time DevSecOps: ChatGPT Against Traditional Approach + +## Names and KTH ID + + - Simon Hocker (hocker@kth.se) + - Nicole Wijkman (nwijkman@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Scientific paper + +## Description + +We will present a recent scientific paper from this year wherein they perform a comparative study between two different approaches to classifying suspicious server log activities and detecting potential threats. Specifically, it compares the classic, traditional machine learning approach of using Weka API for classification with a new proposed novel method of using ChatGPT for performing runtime log analysis. They explore the mechanics and potential of using ChatGPT in Python where context represents labelled data and the questions themselves contain the log records which are being evaluated. Beyond exploring the possibility of it, they also analyse the viability of the novel method, and examine its potential as well as its drawbacks and limitations, and then compares it with the tried and true Weka API method. + +Our presentation will begin by elaborating on why such research is important for the field of DevSecOps, as well as describing the scenario being analysed in the paper. From there, we will go on to detail the workings of both the new and the traditional approach in detail, followed by their respective strengths and weaknesses. Afterwards, we will end the presentation with an explanation of the paper's conclusions.([Machine Learning-Based Run-Time DevSecOps: ChatGPT Against Traditional Approach](https://ieeexplore.ieee.org/document/10192161)) + +**Relevance** + +Security integration in the DevOps pipeline is crucial for maintaining a secure development environment. This paper addresses this need by introducing AI-driven automated log analysis techniques to detect security threats during runtime. 
It also compares this approach with traditional machine learning practices, providing valuable insights for enhancing security and efficiency in agile development workflows. From 232ee51ad557a205edc865bbe2e6e4d0a6307941 Mon Sep 17 00:00:00 2001 From: Uqqasha <44897137+Uqqasha@users.noreply.github.com> Date: Sun, 29 Sep 2024 15:47:47 +0200 Subject: [PATCH 07/56] Feedback Proposal (#2530) * Week 2: Demo Proposal * Week-3: Presentation Proposal * Week-3: Presentation Proposal * Week 5 Scientific Paper Proposal * Feedback Proposal --- .../feedback/uqqasha-lvainio/README.md | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 contributions/feedback/uqqasha-lvainio/README.md diff --git a/contributions/feedback/uqqasha-lvainio/README.md b/contributions/feedback/uqqasha-lvainio/README.md new file mode 100644 index 0000000000..b51b894dd1 --- /dev/null +++ b/contributions/feedback/uqqasha-lvainio/README.md @@ -0,0 +1,21 @@ +# Assignment Proposal + +## Title + +Feedback on "Security Linting in Python using Bandit" + +## Names and KTH ID + + - Uqqasha Ijaz (uqqasha@kth.se) + - Leo Vainio (lvainio@kth.se) + +## Deadline + +- Task 1 + +## Category + +- Feedback + +## Description +We would like to give feedback to this [executable tutorial](https://github.com/KTH/devops-course/pull/2453). From 8ccbed99a72baf9df7a5b47b5bef10feb0b3c66a Mon Sep 17 00:00:00 2001 From: Tomi Toma <75096265+ttoma00@users.noreply.github.com> Date: Sun, 29 Sep 2024 16:01:45 +0200 Subject: [PATCH 08/56] Create README.md (#2549) --- .../week7/ttoma-emilsjol/README.md | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 contributions/presentation/week7/ttoma-emilsjol/README.md diff --git a/contributions/presentation/week7/ttoma-emilsjol/README.md b/contributions/presentation/week7/ttoma-emilsjol/README.md new file mode 100644 index 0000000000..92ccbb1c80 --- /dev/null +++ b/contributions/presentation/week7/ttoma-emilsjol/README.md 
@@ -0,0 +1,25 @@ +# Assignment Proposal + +## Title +Chaos Engineering with Chaos Monkey + +## Names and KTH ID + + - Student Tomi Toma (ttoma@kth.se) + - Student Emil Sjölander (emilsjol@kth.se) + +## Deadline + +Week 7 + +## Category + +Presentation + +## Description + +In this presentation we will talk about Chaos Monkey which is a tool created by Netflix that intentionally disrupts system to test the systems overall resilience. We will talk about how Chaos Monkey fits in with Chaos Engineering and DevOps and its practical application to ensure system reliability. + +**Relevance** + +This is relevant to DevOps because it helps developers to identify weakness in production systems early and patch them and reaching the goals of continuous delivery, resilience and high up time for the users. By continously tsting failiures devops teams can confidently realse robust and fault tolerant systems. From 9de1886284020199dd03b45287f00a888f1fb711 Mon Sep 17 00:00:00 2001 From: Noel Tesfalidet <58369280+NoelMT@users.noreply.github.com> Date: Sun, 29 Sep 2024 16:03:55 +0200 Subject: [PATCH 09/56] Executable Tutorial: Proposal (Noelt-Atheers) (#2554) --- .../noelt-atheers/README.md | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 contributions/executable-tutorial/noelt-atheers/README.md diff --git a/contributions/executable-tutorial/noelt-atheers/README.md b/contributions/executable-tutorial/noelt-atheers/README.md new file mode 100644 index 0000000000..bbd3dabfa7 --- /dev/null +++ b/contributions/executable-tutorial/noelt-atheers/README.md 
@@ -0,0 +1,30 @@ +# Assignment Proposal + +## Title +Data access testing using Testcontainers + +## Names and KTH ID + + - Noel Tesfaldiet (noelt@kth.se) + - Atheer Salim (atheers@kth.se) + +## Deadline +- Task 3 + +## Category +- Executable tutorial + +## Description +We will create an executable tutorial in Killercoda that focus on using Testcontainers in python for testing a backend api. This api has a data +access layer which consist of Redis (cache) and PostgresSQL (long term storage), which we will test. +This tutorial will be using Testcontainers to manage containers for the backend testing. Some of the learning outcomes will be that the user gets an idea of what it is and +the benifits of using Testcontainers. In addition to this the user will gain some knowledge in how to use the library. + + **Relevance** + +Testcontainers can provide complex testing envronments that are repreducable and automate the process of creating these environments. The Testcontainers can also be used to +mock the production environments and makes it quite simple to test frontend,backend,database etc. Testcontainers makes sure that the containers +and services are up and runnig in a desired clean state. Furthermore it will perform cleanup of the containers for you. + + + From 7645b29d91e0c131490db691c4d0ffca7411285f Mon Sep 17 00:00:00 2001 From: PeiyangZheng <1151701517@qq.com> Date: Sun, 29 Sep 2024 16:07:37 +0200 Subject: [PATCH 10/56] Executable tutorial Proposal (#2555) * Week 3: presentation proposal * Week 3: presentation proposal * Week 3: presentation proposal * Week-7 Executable tutorial Proposal --- .../peiyang-immig/README.md | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 contributions/executable-tutorial/peiyang-immig/README.md diff --git a/contributions/executable-tutorial/peiyang-immig/README.md b/contributions/executable-tutorial/peiyang-immig/README.md new file mode 100644 index 0000000000..7109b4739e --- /dev/null 
+++ b/contributions/executable-tutorial/peiyang-immig/README.md @@ -0,0 +1,28 @@ +# Assignment Proposal + +## Title + +Database Visualization with Sampler +## Names and KTH ID + +- Peiyang Zheng (peiyang@kth.se) +- Florian Jerome Immig (immig@kth.se) + +## Deadline + +- Task 2 + +## Category + +- Executable tutorial + +## Description + +This tutorial provides a step-by-step guide on using Sampler to visualize data from databases including MySQL, PostgreSQL and MongoDB. The tutorial covers the installation and setup of Sampler, configuration of database, and creating a YAML configuration file to visualize various metrics such as the number of records, data insertion rate, and database size. By using Sampler, users can create real-time terminal-based dashboards that offer insights into their database's performance and status. + +The tutorial will demonstrate how to configure different visual components like barcharts, runcharts, sparklines, and textboxes to provide a comprehensive view of database metrics. This executable tutorial is designed to give users practical experience in setting up and using Sampler to monitor and visualize their databases effectively. + +**Relevance** + + Sampler is a lightweight, terminal-based visualization tool that can be easily set up without the complexity of traditional monitoring systems. This tutorial will show how to leverage Sampler to create a customizable and interactive dashboard that helps users gain insights into their database's performance, making it easier to identify and troubleshoot issues. This aligns with the DevOps principles of observability and monitoring, enabling teams to maintain high levels of service quality and system reliability. + From 0e42884d5a056683cbc901fb372c22fd022786c5 Mon Sep 17 00:00:00 2001 
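Review bot: missing blank line after the title in contributions/executable-tutorial/peiyang-immig/README.md: "Database Visualization with Sampler" is immediately followed by "## Names and KTH ID". The Relevance paragraph begins with a stray leading space (" Sampler is a lightweight...") and the file ends with an empty added line; both can be dropped. "configuration of database" in the Description should read "configuration of the databases", since three are named.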
From: David <58865236+dvavd@users.noreply.github.com> Date: Sun, 29 Sep 2024 16:43:33 +0200 Subject: [PATCH 11/56] Week 6: Scientific Paper Proposal (#2547) * Create dvavd-muhammad1928 * Delete contributions/presentation/week3/dvavd-muhammad1928 * Create README.md for presentation * Rename folder from dvavd-muhammad1928 to streuli-mnem * update according to discussion in PR: highlight flyway as a tool for database versioning. * Update contributions/presentation/week3/streuli-mnem/README.md Thanks! Co-authored-by: Aman Sharma * add proposal for feedback * adjust deadline * add team member * add readme for task proposal * add readme for task demo * add break * doc: fix the task category * remove readme * Update contributions/scientific-paper/week6/streuli-prerna/README.md Co-authored-by: Aman Sharma * add description of SAST and DAST --------- Co-authored-by: David Streuli Co-authored-by: Aman Sharma Co-authored-by: DavidCWQ --- .../week6/streuli-prerna/README.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 contributions/scientific-paper/week6/streuli-prerna/README.md diff --git a/contributions/scientific-paper/week6/streuli-prerna/README.md b/contributions/scientific-paper/week6/streuli-prerna/README.md new file mode 100644 index 0000000000..5b8769d6b3 --- /dev/null +++ b/contributions/scientific-paper/week6/streuli-prerna/README.md 
@@ -0,0 +1,27 @@ +# Assignment Proposal + +## Title + +Implementing and Automating Security Scanning to +a DevSecOps CI/CD Pipeline + +## Names and KTH ID + + - Prerna Gupta (prerna@kth.se) + - David Streuli (streuli@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Scientific paper + +## Description + +The paper explores the automation of security scanning focusing on containerised applications. The paper explores the application of Static Application Security Testing (SAST) and Dynmaic Application Security Testing (DAST) to enhance security. SAST is a static analysis technique while DAST tests the application at runtime and does not need to have access to the source code. We'll explain how integrating corresponding tools improves the security of containerized applications by finding vulnerabilities soon and automating their removal from the CI/CD process, the effectiveness of deploying and automating security scanning in DevSecOps pipeline with Snyk and StackHawk tools and methodologies used for detecting vulnerabilities.We conclude the presentation with future scope. The paper can be found here: https://ieeexplore.ieee.org/abstract/document/10235015 + +**Relevance** + +In this paper, a DevSecOps CI/CD pipeline integrated dynamic security testing strategy to address the special requirements of securing containerised applications. The model features early vulnerability detection and push left practices with automated remediation using tools such as Snyk for Static Application Security Testing (SAST) and StackHawk for Dynamic Application Security Testing (DAST), all during the software development lifecycle (SDLC). From bd042debaf25b443157a29f6dee30936fa612ac3 Mon Sep 17 00:00:00 2001 
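Review bot: the Title in contributions/scientific-paper/week6/streuli-prerna/README.md is split across two lines ("...Security Scanning to" / "a DevSecOps CI/CD Pipeline"); put it on one line. In the Description, "Dynmaic" should be "Dynamic" and "vulnerabilities.We conclude" needs a space after the period. The first sentence of Relevance has no main verb ("a DevSecOps CI/CD pipeline integrated dynamic security testing strategy to address..."), and "push left practices" is presumably meant as "shift left"; please reword both.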
From: kthfre <43249933+kthfre@users.noreply.github.com> Date: Sun, 29 Sep 2024 16:45:08 +0200 Subject: [PATCH 12/56] Executable tutorial proposal (#2519) * week 2: demo proposal * week 2: demo proposal * week 3: presentation proposal * merge * executable tutorial proposal * merge * update * update --------- Co-authored-by: kthfre --- .../executable-tutorial/golman/README.md | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 contributions/executable-tutorial/golman/README.md diff --git a/contributions/executable-tutorial/golman/README.md b/contributions/executable-tutorial/golman/README.md new file mode 100644 index 0000000000..252f4393ea --- /dev/null +++ b/contributions/executable-tutorial/golman/README.md 
@@ -0,0 +1,30 @@ +# Assignment Proposal + +## Title + +End-to-end training of a neural network to deployment in a live application + +## Names and KTH ID + + - Fredrik Gölman (golman@kth.se) + +## Deadline +- Task 2 + +## Category +- Executable tutorial + +## Description + +I'd like to make an executable tutorial that goes through the training of a neural network in a Jupyter notebook on Colab, handling the intermediary steps, and deployment to some live application, so the end-to-end process. I'd put limited focus on the ML aspects and greater focus on the DevOps aspects. I'd like to whip together my own functionality for the DevOps parts, if I may, as it's a fun learning experience and could be meaningful scripts for future usage. The deployment criteria for the model could be to exceed previous test data accuracy, but there could also be any other reasonable criteria. I haven't fully decided on the functionality for the MLops/DevOps part. The bare minimum is actually deploying the model live when fulfilling the criteria. Other things being considered are model storage/rollback, job scheduling/queue in running notebooks, monitoring of multiple notebooks, etc. + +Architecture wise there would be: +- The Colab notebook running the ML stuff (and some network connectivity). +- An MLops tool consisting of a backend and a corresponding GUI (web). +- A demo web application that uses the model on the backend. + +I asked TA about this briefly in a lab session (not previous, but one before that) and it sounded OK. I meant to register it earlier, but other coursework came in between. I think it's still OK to register an MLops task since it's asynchronous and there is no "week" folder structure in the directory tree. So if it is, and the proposal sounds OK, is all I have to do commit to a deadline and deliver? + +**Relevance** + +Jupyter Notebook/Lab is often used for processing, preparing, and visualizing data, as well as subsequently training machine learning models. 
The process of deriving a model is often an iterative process to determine suitable model architectures and optimal hyperparameters. Models may furthermore require continuous altering after deployment as more data becomes available or use cases change. This process is presumably often done manually, particularly as data scientists and conventional developers may be different teams, but there are clear benefits in automating the process. From 89355d62f6abb1abd6e3aff0c3912e2f5c011f71 Mon Sep 17 00:00:00 2001 From: OlleGunnemyr <81633882+OlleGunnemyr@users.noreply.github.com> Date: Sun, 29 Sep 2024 22:51:35 +0200 Subject: [PATCH 13/56] Week 6: demo proposal (#2553) * week 5: presentation proposal * Create README.md Week 6. Demo * Week 6: Demo proposal updated --- .../demo/week6/ollegu-smhanna/README.md | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 contributions/demo/week6/ollegu-smhanna/README.md diff --git a/contributions/demo/week6/ollegu-smhanna/README.md b/contributions/demo/week6/ollegu-smhanna/README.md new file mode 100644 index 0000000000..ce2a9066e4 --- /dev/null +++ b/contributions/demo/week6/ollegu-smhanna/README.md 
@@ -0,0 +1,25 @@ +# Assignment Proposal + +## Title + +Integrate RetireJS into Github workflow + +## Names and KTH ID + +- Olle Gunnemyr (ollegu@kth.se) +- Sam Maltin (smhanna@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Demo + +## Description + +RetireJS is an open-source tool that can detect the use of JavaScript library versions with known vulnerabilities when developing a web application. By integrating the scan into a Github CI/CD pipeline via Github Actions, it would mitigate the risks from vulnerable libraries early in the Software Development Life Cycle (SDLC). Modifications/uses of RetireJS within Github for further security measures will also be demonstrated. + +_Relevance +With the growing number of Javascript libraries on the web and Node.js applications, it is easier to unknowingly choose insecure libraries during development. Automating the vulnerability detection in the CI/CD pipeline by integrating RetireJS, would earlier mitigate the risks of security breaches from these vulnerable libraries, such as Cross-Site Scripting or Remote Code Execution attacks, and thus would be a relevant aspect within DevSecOps. From b2d3d8c313b2b84f1ee78e3e9d90da24bd0e3a5c Mon Sep 17 00:00:00 2001 From: DavidQ Date: Mon, 30 Sep 2024 09:16:31 +0200 Subject: [PATCH 14/56] Week 7: Demo Proposal (#2560) * chore: update folder names and kth id * add readme for task demo * doc: update README * doc: update README --------- Co-authored-by: dvavd --- .../demo/week7/streuli-wenqic/README.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 contributions/demo/week7/streuli-wenqic/README.md diff --git a/contributions/demo/week7/streuli-wenqic/README.md b/contributions/demo/week7/streuli-wenqic/README.md new file mode 100644 index 0000000000..bdc275d104 --- /dev/null +++ b/contributions/demo/week7/streuli-wenqic/README.md 
@@ -0,0 +1,27 @@ +# Assignment Proposal + +## Title + +Data Version Control for MLOps with DVC + +## Names and KTH ID + +- David Streuli (streuli@kth.se) +- Wenqi Cao (wenqic@kth.se) + +## Deadline + +- Week 7 + +## Category + +- Demo + +## Description + +In this demo, we will explore the importance of Data Version Control (DVC) in the context of Machine Learning operations (MLOps). We'll start by discussing the challenges associated with managing and versioning large datasets and ML models, especially when these assets need to evolve alongside the codebase to maintain project coherence and reproducibility. We'll introduce DVC, a powerful tool designed to handle data and model versioning seamlessly alongside code changes. We will demonstrate how to integrate DVC into the Continuous Integration/Continuous Deployment (CI/CD) pipeline, ensuring that changes in data and models are as traceable and manageable as changes in the application code. + +**Relevance** + +Data versioning is indispensable in the sphere of MLOps as it guarantees that changes to datasets and models are consistently applied across all stages of the development lifecycle. This approach enhances collaboration between data scientists and engineers, while also minimizing risks like data drift and model drift. By incorporating DVC into the MLOps pipeline, teams can then maintain reliable, reproducible workflows and safeguard the integrity of machine learning models as they scale. + From fdfba8fbebc0157141749790e5849b8bfeceec29 Mon Sep 17 00:00:00 2001 From: Isak Einberg <45336755+einbergisak@users.noreply.github.com> Date: Mon, 30 Sep 2024 09:21:19 +0200 Subject: [PATCH 15/56] add feedback (#2537) --- contributions/feedback/ieinberg/README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/contributions/feedback/ieinberg/README.md b/contributions/feedback/ieinberg/README.md index 7c92d7123c..edb19a98e5 100644 --- a/contributions/feedback/ieinberg/README.md 
+++ b/contributions/feedback/ieinberg/README.md @@ -17,4 +17,7 @@ Task 2 ## Description -Feedback for [#2387](https://github.com/KTH/devops-course/pull/2387) by hallkvi@kth.se and lindefor@kth.se. \ No newline at end of file +Feedback for [#2387](https://github.com/KTH/devops-course/pull/2387) by hallkvi@kth.se and lindefor@kth.se. + +**Update** - The feedback can be viewed here: +https://github.com/KTH/devops-course/pull/2387#issuecomment-2371909023 \ No newline at end of file From d99c18f753bf69334d66b1af649211d4a5f59a45 Mon Sep 17 00:00:00 2001 From: Florian <83873752+florianim@users.noreply.github.com> Date: Mon, 30 Sep 2024 11:32:03 +0200 Subject: [PATCH 16/56] scientific paper proposal - week 6 (#2552) * week 4: presentation proposal * demo proposal: week 5 * scientific paper proposal - week 6 --------- Co-authored-by: Florian Immig --- .../week6/peiyang-immig/README.md | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 contributions/scientific-paper/week6/peiyang-immig/README.md diff --git a/contributions/scientific-paper/week6/peiyang-immig/README.md b/contributions/scientific-paper/week6/peiyang-immig/README.md new file mode 100644 index 0000000000..496111346c --- /dev/null +++ b/contributions/scientific-paper/week6/peiyang-immig/README.md 
@@ -0,0 +1,28 @@ +# Assignment Proposal + +## Title + +The Seven Sins: Security Smells in Infrastructure as Code Scripts + +## Names and KTH ID + + - Peiyang Zheng (peiyang@kth.se) + - Florian Jerome Immig (immig@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Scientific paper + +## Description + +We plan to present the paper titled "The Seven Sins: Security Smells in Infrastructure as Code Scripts", which provides an empirical study on security smells in infrastructure as code (IaC) scripts. The authors identify seven distinct security smells, such as hard-coded secrets and invalid IP address binding, which could lead to potential security breaches. They propose a static analysis tool, Security Linter for Infrastructure as Code scripts (SLIC), to detect these smells and highlight their prevalence and persistence in real-world IaC scripts. +Link: https://ieeexplore.ieee.org/document/8812041 + +**Relevance** + +Understanding and mitigating security smells in IaC scripts is crucial for ensuring the security and robustness of automated infrastructure management in DevOps practices such as Infrastructure as Code. + From bc2cf1abfb77ceff2d6fd0bb621f5fcfda61328f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Lai=20Wikstr=C3=B6m?= <73502398+dannolaius@users.noreply.github.com> Date: Mon, 30 Sep 2024 21:51:06 +0200 Subject: [PATCH 17/56] Week 6: Demo proposal (#2558) * Create README.md * Update README.md --- .../demo/week6/raeef-daniellw/README.md | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 contributions/demo/week6/raeef-daniellw/README.md diff --git a/contributions/demo/week6/raeef-daniellw/README.md b/contributions/demo/week6/raeef-daniellw/README.md new file mode 100644 index 0000000000..dbba64b980 --- /dev/null +++ b/contributions/demo/week6/raeef-daniellw/README.md 
@@ -0,0 +1,28 @@ +# Assignment Proposal + +## Title + +Using static analysis with SonarCloud to identify security flaws. + +## Names and KTH ID + + - Daniel Lai Wikström (daniellw@kth.se) + - Rafael Bechara (raeef@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Demo + +## Description + +We'll be showing how integrating SonarCloud with GitHub Actions can help developers automatically discover potential security flaws in their applications. Before the demo we'll set up a repo with GitHub Actions that automatically run a sonar scan upon pushing new code. + +During the demo we'll push some code with a security flaw such as not sanitizing user input which makes us vulnerable to XSS attack. We'll then show how this vulnerability fails the quality gate check. We’ll then show the analysis page that gives us information of where in the code the vulnerabilities are, how the vulnerabilities work and suggestions about how we can fix them. + +**Relevance** + +Using GitHub Actions for static code analysis upon pushing to a repo is a pretty textbook example of DevOps by facilitating Continous Integration through automatic testing upon source code changes. Since we're adding the capability of identifying security flaws to our DevOps workflow it's also relevant to DevSecOps. From 87c3e444fc31f407548556150879f9a61373a537 Mon Sep 17 00:00:00 2001 From: oscols <83168314+oscols@users.noreply.github.com> Date: Tue, 1 Oct 2024 07:59:11 +0200 Subject: [PATCH 18/56] Task 2: Executable tutorial proposal (oscols + hugomal) (#2488) * Executable tutorial proposal * Added Partner --- .../oscols-hugomal/README.md | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 contributions/executable-tutorial/oscols-hugomal/README.md diff --git a/contributions/executable-tutorial/oscols-hugomal/README.md b/contributions/executable-tutorial/oscols-hugomal/README.md new file mode 100644 index 0000000000..0ce29411b9 --- /dev/null 
+++ b/contributions/executable-tutorial/oscols-hugomal/README.md @@ -0,0 +1,24 @@ +# Assignment Proposal + +## Title + +Using Ansible for Disaster Recovery automation + +## Names and KTH ID + +- Oscar Olsson (oscols) +- Hugo Malmberg (hugomal) + +## Deadline + +- Task 3 + +## Category + +- Executable tutorial + +## Description +This tutorial will be made in KillerKoda. First there will be an introduction to Configuration Management (CM) and Ansible, as well as what it can be used for. Since CM is often used in the military, the theme of this tutorial will be military weapon systems. More specifically, the user will set up two servers for a missile launch system, one of them being a backup. Then, (totally unexpectedly) a missile launch will be activated and the user most act quickly to abort the launch. To achieve this, Disaster Recovery has to be activated, where the backup server will come to use. + +**Relevance** +CM tools are crucial for DevOps environments since they make it possible to configure the environments via scripts. CM can have great benefits, and is not that costly to implement. Therefore, it's important to have knowledge in how to set up CM tools. And Ansible is one of these tools. The benefits of CM becomes evident due to the fact that it enables Disaster Recovery to be implemented to a project, which can potentially save companies in case emergency strikes. And that is why Disaster Recovery is relevant to CM and DevOps as a whole. \ No newline at end of file From f4df462e194b6539865483772fa097bb36948dfa Mon Sep 17 00:00:00 2001 From: r-chandni <136533224+r-chandni@users.noreply.github.com> Date: Tue, 1 Oct 2024 11:04:34 +0200 Subject: [PATCH 19/56] Week 6 demo proposal (#2569) --- contributions/demo/week6/cnra-catir/README.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 contributions/demo/week6/cnra-catir/README.md 
diff --git a/contributions/demo/week6/cnra-catir/README.md b/contributions/demo/week6/cnra-catir/README.md new file mode 100644 index 0000000000..ec21dd7ff9 --- /dev/null +++ b/contributions/demo/week6/cnra-catir/README.md @@ -0,0 +1,16 @@ +# Assignment Proposal +## Title +Automating Private Dependency Management and Version Integration +## Names and KTH ID +- Chandni Rakhashiya (cnra@ug.kth.se) +- Emir Catir (catir@kth.se) +## Deadline +- Week 6 +## Category +- Demo +## Description +In this demo, we will explore how to effectively manage private dependencies in web applications using Azure Artifacts. We will display how to store, publish, and manage packages securely within Azure Artifacts and automate its integration into applications. Additionally, we will demonstrate how to streamline version updates by integrating new version of dependency across multiple applications or environments. + +Relevance + +This topic directly addresses key aspects of dependency management by demonstrating how to securely manage private packages. This approach enhances control and efficiency in managing dependencies. By leveraging CI/CD, the process of handling version updates is automated and this ensures faster, more reliable updates. From 680ab497bc4140a764271cbe409c47eb224280c5 Mon Sep 17 00:00:00 2001 From: M1l0d <101342857+M1l0d@users.noreply.github.com> Date: Tue, 1 Oct 2024 14:17:54 +0200 Subject: [PATCH 20/56] Create README.md (#2563) --- .../samkh-miladsf/README.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 contributions/executable-tutorial/samkh-miladsf/README.md diff --git a/contributions/executable-tutorial/samkh-miladsf/README.md b/contributions/executable-tutorial/samkh-miladsf/README.md new file mode 100644 index 0000000000..d227f33fe2 --- /dev/null +++ b/contributions/executable-tutorial/samkh-miladsf/README.md 
@@ -0,0 +1,27 @@ +# Assignment Proposal + +## Title +Monitoring ML Model Predictions with Prometheus + +## Names and KTH ID + + - Sam Khosravi (samkh@kth.se) + - Milad Farahani (miladsf@kth.se) + +## Deadline +- Task 3 + +## Category +- Executable tutorial + +## Description + +In this tutorial we will set up a python script that logs a ML models predictions. +This is integrated with Prometheus which will mointor them. +The goal is to learn how to integrate Prometheus with a Python application, which is then will be able to monitor the model to understand if it for example will work well when put into production. + + **Relevance** + +Monitoring ML model prediction with Prometheus is highly relevant to DevOps because it introduces automation and observability to the machine learning lifecycle. +In DevOps, ensuring that systems are continously monitored for performance and reliability is crucial and this extends to machine learning models in production. +By integrating Prometheus to track metrics like prediction accuracy or latency, teams can proactively identify issues to reduce downtime and improve model reliability. From 4a943a5b8e2b807a79aee4d740fb45958958fa42 Mon Sep 17 00:00:00 2001 From: Diogo Correia Date: Tue, 1 Oct 2024 14:19:24 +0200 Subject: [PATCH 21/56] task 2: diogotc-rmfseo feedback proposal (#2564) --- .../feedback/diogotc-rmfseo/README.md | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 contributions/feedback/diogotc-rmfseo/README.md diff --git a/contributions/feedback/diogotc-rmfseo/README.md b/contributions/feedback/diogotc-rmfseo/README.md new file mode 100644 index 0000000000..e4f206ce5a --- /dev/null +++ b/contributions/feedback/diogotc-rmfseo/README.md 
@@ -0,0 +1,23 @@ +# Assignment Proposal + +## Title + +Feedback on Presentation +[NixOS: Reproducibility with Flakes and Secrets](https://github.com/KTH/devops-course/pull/2546) + +## Names and KTH ID + + - Diogo Correia (diogotc@kth.se) + - Rafael Oliveira (rmfseo@kth.se) + +## Deadline + +Task 2 + +## Category + +Feedback + +## Description + +We want to provide feedback to Tomás and Wenqi before their presentation on Wednesday. From dd403549ae36c7ba50a80a8184c63628b5b77095 Mon Sep 17 00:00:00 2001 From: YiNan Date: Tue, 1 Oct 2024 14:21:39 +0200 Subject: [PATCH 22/56] Feedback Proposal (#2567) * Week4 proposal: scientific paper * Feedback Proposal --- .../feedback/tianning-yinanhu/README.md | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100755 contributions/feedback/tianning-yinanhu/README.md diff --git a/contributions/feedback/tianning-yinanhu/README.md b/contributions/feedback/tianning-yinanhu/README.md new file mode 100755 index 0000000000..6356e59df3 --- /dev/null +++ b/contributions/feedback/tianning-yinanhu/README.md @@ -0,0 +1,33 @@ +# Assignment Proposal + + + +## Title + +Feedback on Scientific Paper [The Seven Sins: Security Smells in Infrastructure as Code Scripts](https://ieeexplore.ieee.org/document/8812041) + + + +## Names and KTH ID + +- Tianning Liang (tianning@kth.se) +- Yinan Hu (yinanhu@kth.se) + + + +## Deadline + +- Task 2 + + + +## Category + +- Feedback + + + +## Description + +We would like to provide a feedback for the scientfic paper presentation The Seven Sins: Security Smells in Infrastructure as Code Scripts made by Peiyang Zheng and Florian Jerome Immig. ([#2552](https://github.com/KTH/devops-course/pull/2552)) + From 99b129aa3d111f16db295d72171ede58de07dde2 Mon Sep 17 00:00:00 2001 
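Review bot: in PATCH 22/56, `contributions/feedback/tianning-yinanhu/README.md` is created with `new file mode 100755`, so a Markdown file carries the executable bit, while the other proposal READMEs in this series are added as 100644. Suggest clearing the bit (`chmod 644`) and amending the commit so git records 100644. In the added body, "scientfic" in the Description should be "scientific", and the runs of three blank `+` lines between sections can be reduced to one to match the other proposals.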
From: Diogo Gaspar Date: Tue, 1 Oct 2024 14:29:37 +0200 Subject: [PATCH 23/56] week 7: scientific paper proposal (#2532) * week 5: presentation proposal * week 7: scientific paper proposal * week 7: fix typo * week 7: fix folder structure * week 7: add paper link --- .../week7/dgaspar-tmbpe/README.md | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 contributions/scientific-paper/week7/dgaspar-tmbpe/README.md diff --git a/contributions/scientific-paper/week7/dgaspar-tmbpe/README.md b/contributions/scientific-paper/week7/dgaspar-tmbpe/README.md new file mode 100644 index 0000000000..6f824815e9 --- /dev/null +++ b/contributions/scientific-paper/week7/dgaspar-tmbpe/README.md 
@@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +[A Case Study of Developer Bots: Motivations, Perceptions, and Challenges](https://dl.acm.org/doi/10.1145/3611643.3616248) + +## Names and KTH ID + +- Diogo Gaspar (dgaspar@kth.se) +- Tomás Esteves (tmbpe@kth.se) + +## Deadline + +- Week 7 + +## Category + +- Scientific Paper + +## Description + +The paper examines 23 developer bots used in Microsoft's CI/CD workflows, aiding thousands of developers across 13,000 repositories. These bots, categorized into configuration, security, data privacy, productivity, and code quality, help automate tasks and provide early feedback to developer actions; through interviews, surveys, as well as the analysis of hundreds of thousands of bot actions, the authors' study explores the motivations, benefits and challenges of using these bots, such as managing excessive feedback (noise), among others. + +**Relevance** + +The study in hand is highly relevant to DevOps, examining how developer bots automate tasks in CI/CD pipelines to improve code quality, productivity, among other key goals of the area. Besides delineating how these bots streamline workflows and support the "shift left" approach, the paper also highlights core challenges: managing multiple bots, and prioritizing feedback, critical for maintaining efficiency in large-scale environments. From 99557c33ce5d4ad0fb881620d53da4ef5a767360 Mon Sep 17 00:00:00 2001 From: Alexanderliu2002 <144798511+Alexanderliu2002@users.noreply.github.com> Date: Tue, 1 Oct 2024 15:49:54 +0200 Subject: [PATCH 24/56] Feedback proposal week 6: Security Linting in Python using Bandit (#2561) * Create aleliu-jakstrom * feedback proposal * . * Update README.md * added gustaf --- .../feedback/aleliu-gussvens/README.md | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 contributions/feedback/aleliu-gussvens/README.md 
diff --git a/contributions/feedback/aleliu-gussvens/README.md b/contributions/feedback/aleliu-gussvens/README.md new file mode 100644 index 0000000000..a78f25ecc9 --- /dev/null +++ b/contributions/feedback/aleliu-gussvens/README.md @@ -0,0 +1,33 @@ +# Assignment Proposal + +Feedback on Executable tutorial: Security Linting in Python using Bandit + +## Title + +Feedback on executable tutorial: Security Linting in Python using Bandit + +## Names and KTH ID + + - Alexander Liu (aleliu@kth.se) + - Gustaf Svensson (gussvens@kth.se) + +## Deadline + +- Task 2 + + +## Category + +- Executable tutorial + + +## Description + +Feedback on #2453 +Security Linting in Python using Bandit +https://github.com/KTH/devops-course/tree/2024/contributions/executable-tutorial/ieinberg-emilsjol + + +**Relevance** + +Feedback and (code) review is important =) From 439750e7ce8c4b3f195a92e399fc96d3f09aff90 Mon Sep 17 00:00:00 2001 From: Martin Monperrus Date: Tue, 1 Oct 2024 16:50:45 +0200 Subject: [PATCH 25/56] schedule week 6 --- contributions/README.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/contributions/README.md b/contributions/README.md index ce58378935..5116ddef9b 100644 --- a/contributions/README.md +++ b/contributions/README.md 
@@ -86,4 +86,32 @@ General Intro about the course. 1. [Creating Spotify playlist using Terraform](https://github.com/KTH/devops-course/pull/2531) 1. [Disaster Recovery using Terraform](https://github.com/KTH/devops-course/pull/2544) +### Week 6 + +1. [GitGuardian: Preventing Data Leaks Through Automated Security](https://github.com/KTH/devops-course/pull/2396) +1. [Yet another cybersecurity risk assessment framework](https://github.com/KTH/devops-course/pull/2402) +1. [Using Bitwarden Secret Manager to centrally store, manage, and deploy secrets at scale.](https://github.com/KTH/devops-course/pull/2409) +1. [Making your NPM security wishes come true.](https://github.com/KTH/devops-course/pull/2421) +1. [Measuring frequency of deployments](https://github.com/KTH/devops-course/pull/2393) +1. [Continuous Information Flow Control](https://github.com/KTH/devops-course/pull/2439) +1. [Comparing pnpm, npm and yarn](https://github.com/KTH/devops-course/pull/2443) +1. [Dynamic Secrets in HashiCorp Vault](https://github.com/KTH/devops-course/pull/2447) +1. [_Streamlining Python Dependency Management with Poetry_](https://github.com/KTH/devops-course/pull/2449) +1. [_Hardening GitHub Actions for increased security_](https://github.com/KTH/devops-course/pull/2468) +1. [Ensuring the integrity and source of software packages](https://github.com/KTH/devops-course/pull/2477) +1. [Detecting vulnerabilities in Python code using static code analysis with Bandit](https://github.com/KTH/devops-course/pull/2507) +1. [Integrating Organizational Policies Using Open Policy Agent](https://github.com/KTH/devops-course/pull/2512) +1. [Using dependabot to automatically detect vulnerabilities in imported packages](https://github.com/KTH/devops-course/pull/2513) +1. [Arc Browser's impotant security breach and why SecDevOps is important](https://github.com/KTH/devops-course/pull/2545) +1. [The event stream incident - vulnerabilities of open source dependencies and possible mitigations. 
](https://github.com/KTH/devops-course/pull/2525) +1. [NixOS: Reproducibility with Flakes and Secrets](https://github.com/KTH/devops-course/pull/2546) +1. [Secure your git and CD pipeline with SOPS.](https://github.com/KTH/devops-course/pull/2526) +1. [Challenges and solutions when adopting DevSecOps: A systematic review](https://github.com/KTH/devops-course/pull/2550) +1. [Using Semgrep to find vulnerabilities](https://github.com/KTH/devops-course/pull/2551) +1. [Machine Learning-Based Run-Time DevSecOps: ChatGPT Against Traditional Approach](https://github.com/KTH/devops-course/pull/2556) +1. [Implementing and Automating Security Scanning to](https://github.com/KTH/devops-course/pull/2547) +1. [Integrate RetireJS into Github workflow](https://github.com/KTH/devops-course/pull/2553) +1. [The Seven Sins: Security Smells in Infrastructure as Code Scripts](https://github.com/KTH/devops-course/pull/2552) +1. [Using static analysis with SonarCloud to identify security flaws.](https://github.com/KTH/devops-course/pull/2558) +1. [Automating Private Dependency Management and Version Integration](https://github.com/KTH/devops-course/pull/2569) From 2d71f7cc200a872e52705914cbc28a445a409ac0 Mon Sep 17 00:00:00 2001 From: Martin Monperrus Date: Tue, 1 Oct 2024 16:51:24 +0200 Subject: [PATCH 26/56] improve schedule.py --- tools/schedule.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) mode change 100644 => 100755 tools/schedule.py diff --git a/tools/schedule.py b/tools/schedule.py old mode 100644 new mode 100755 index 3b9875b097..be4f45cec8 --- a/tools/schedule.py +++ b/tools/schedule.py 
@@ -1,18 +1,21 @@ #!/usr/bin/python3 # automate the preparation of the schedule +# usage ./schedule.py week4 import subprocess # get current date and time import datetime import re +import sys # get output of command ls # get output of command ls # and store it in a variable -WEEK="week4" +WEEK=sys.argv[1] + output = subprocess.getoutput("git log --oneline contributions/presentation/"+WEEK+" contributions/demo/"+WEEK+"/ contributions/scientific-paper/"+WEEK+"/").split("\n") output.reverse() @@ -47,7 +50,7 @@ def get_title(content): # get commit hash commit_hash = i.split(" ")[0] # get list of files in the commit using git command - files = [x for x in subprocess.getoutput(f"git diff-tree --no-commit-id --name-only -r {commit_hash}").split("\n") if ".md" in x.lower() and ("presentation" in x or "demo" in x or "scientific-paper" in x )] + files = [x for x in subprocess.getoutput(f"git diff-tree --no-commit-id --name-only -r {commit_hash}").split("\n") if ".md" in x.lower() and ("presentation" in x or "demo" in x or "scientific-paper" in x ) and WEEK in x] # print the commit hash #print(commit_hash) # get content of first file From 4a53eaf6fe13f18242f2e14fe35bb6a9f5399598 Mon Sep 17 00:00:00 2001 From: Rikard Johansson <100140328+ItsRkaj@users.noreply.github.com> Date: Wed, 2 Oct 2024 13:25:46 +0200 Subject: [PATCH 27/56] Change proposal to the right spot (#2576) --- .../{demo => scientific-paper}/week5/rikj-millear/README.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename contributions/{demo => scientific-paper}/week5/rikj-millear/README.md (100%) diff --git a/contributions/demo/week5/rikj-millear/README.md b/contributions/scientific-paper/week5/rikj-millear/README.md similarity index 100% rename from contributions/demo/week5/rikj-millear/README.md rename to contributions/scientific-paper/week5/rikj-millear/README.md From 0cfefc52cd40f2831ed88048fcce88cecbee0a8b Mon Sep 17 00:00:00 2001 
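Review bot: in the Week 6 hunk of `contributions/README.md` (PATCH 25/56), the entry for #2547 has a title that stops mid-phrase, `[Implementing and Automating Security Scanning to]`, so the schedule shows an incomplete title. The entry for #2545 carries the typo "impotant", the entry for #2525 has a trailing space before the closing `]`, and the entries for #2449 and #2468 are wrapped in `_..._` while the rest are plain. If these titles were copied from the proposals' `## Title` sections, suggest trimming whitespace and emphasis markers and joining multi-line titles before they are written into the list.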
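Review bot: in the first hunk of `tools/schedule.py` (PATCH 26/56), `WEEK=sys.argv[1]` is concatenated unchecked into the string passed to `subprocess.getoutput(...)`, which runs through the shell, so any shell metacharacters in the argument become part of the command line, and running the script without an argument ends in a bare `IndexError`. Suggest validating the argument first, for example `re.fullmatch(r"week\d+", WEEK)` with a usage message and a non-zero exit otherwise (`re` is already imported), and replacing the call with `subprocess.run([...], capture_output=True, text=True)` on an argument list so no shell is involved.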
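Review bot: in the `@@ -47,7 +50,7 @@` hunk of `tools/schedule.py` (PATCH 26/56), the added condition `and WEEK in x` is a substring test on the whole path, so `week1` would also select files under `week10`, and a week string that happens to appear in a team directory name would match as well. Suggest testing a path component instead, for example `WEEK in x.split("/")`. The same line still builds a shell command with an f-string around `commit_hash`; that value comes from `git log --oneline` output rather than from the user, but moving it to the list form of `subprocess.run` together with the first call would leave the script without any shell invocation.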
From: Amin Nouiser <57321964+noizy-sthlm@users.noreply.github.com> Date: Wed, 2 Oct 2024 14:21:00 +0200 Subject: [PATCH 28/56] Added demo proposal (#2559) --- contributions/demo/week6/anouiser/README.md | 27 +++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 contributions/demo/week6/anouiser/README.md diff --git a/contributions/demo/week6/anouiser/README.md b/contributions/demo/week6/anouiser/README.md new file mode 100644 index 0000000000..f593d77c0b --- /dev/null +++ b/contributions/demo/week6/anouiser/README.md @@ -0,0 +1,27 @@ +# Assignment Proposal + +## Title + +Kubernetes secrets with Sealed Secrets + +## Names and KTH ID + + - Amin Nouiser (anouiser@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Demo + +## Description + +Managing Kubernetes secrets can be challenging, especially when the infrastructure is defined in code in a public git repository. By default, Kubernetes secrets are only base64 encoded but not encrypted which is not sufficiently secure. Sealed Secrets is a tool that allows secrets to be encrypted by the developer and remain so until they reach the cluster. + +In this demo, I will begin by demonstrating how secrets can be distributed without Sealed Secrets to illustrate the security risk. I will then introduce Sealed Secrets and demonstrate how it solves this problem and makes the distribution more secure. + +**Relevance** + +This demo is relevant to DevOps as it addresses secure secret management in Kubernetes which is a key principle in DevSecOps. \ No newline at end of file From 4b8216b0389f593f8340c623d5704a39a56922b8 Mon Sep 17 00:00:00 2001 From: Aman Sharma Date: Wed, 2 Oct 2024 14:32:22 +0200 Subject: [PATCH 29/56] Update README.md --- contributions/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/contributions/README.md b/contributions/README.md index 5116ddef9b..8644d9e014 100644 --- a/contributions/README.md +++ b/contributions/README.md 
@@ -92,7 +92,6 @@ General Intro about the course. 1. [Yet another cybersecurity risk assessment framework](https://github.com/KTH/devops-course/pull/2402) 1. [Using Bitwarden Secret Manager to centrally store, manage, and deploy secrets at scale.](https://github.com/KTH/devops-course/pull/2409) 1. [Making your NPM security wishes come true.](https://github.com/KTH/devops-course/pull/2421) -1. [Measuring frequency of deployments](https://github.com/KTH/devops-course/pull/2393) 1. [Continuous Information Flow Control](https://github.com/KTH/devops-course/pull/2439) 1. [Comparing pnpm, npm and yarn](https://github.com/KTH/devops-course/pull/2443) 1. [Dynamic Secrets in HashiCorp Vault](https://github.com/KTH/devops-course/pull/2447) From a5e772f564b15df022a40c02cdf0486075a71f3d Mon Sep 17 00:00:00 2001 From: YiNan Date: Wed, 2 Oct 2024 15:30:27 +0200 Subject: [PATCH 30/56] Feedback Submission (#2580) * Week4 proposal: scientific paper * Feedback Proposal * feedback submission --- contributions/feedback/tianning-yinanhu/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/contributions/feedback/tianning-yinanhu/README.md b/contributions/feedback/tianning-yinanhu/README.md index 6356e59df3..6eca400b09 100755 --- a/contributions/feedback/tianning-yinanhu/README.md +++ b/contributions/feedback/tianning-yinanhu/README.md 
@@ -29,5 +29,6 @@ Feedback on Scientific Paper [The Seven Sins: Security Smells in Infrastructure ## Description -We would like to provide a feedback for the scientfic paper presentation The Seven Sins: Security Smells in Infrastructure as Code Scripts made by Peiyang Zheng and Florian Jerome Immig. ([#2552](https://github.com/KTH/devops-course/pull/2552)) +We provided a feedback for the scientfic paper presentation The Seven Sins: Security Smells in Infrastructure as Code Scripts made by Peiyang Zheng and Florian Jerome Immig. ([#2552](https://github.com/KTH/devops-course/pull/2552)) +The feedback is posted as a comment [here](https://github.com/KTH/devops-course/pull/2552#issuecomment-2386656661) From 3528631d1f7cac9b5a32d861d676ca3af35aac09 Mon Sep 17 00:00:00 2001 From: Leo Vainio <61742173+lvainio@users.noreply.github.com> Date: Wed, 2 Oct 2024 16:48:37 +0200 Subject: [PATCH 31/56] chore: add submission links (#2584) --- contributions/executable-tutorial/lvainio-wenqic/README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/contributions/executable-tutorial/lvainio-wenqic/README.md b/contributions/executable-tutorial/lvainio-wenqic/README.md index 2fc8107d45..8dd0ba3bbc 100644 --- a/contributions/executable-tutorial/lvainio-wenqic/README.md +++ b/contributions/executable-tutorial/lvainio-wenqic/README.md 
@@ -23,4 +23,7 @@ To make the tutorial I will use Killercoda. Gosec is a security scanner for the **Relevance** -Detecting vulnerabilities as soon as new code is commited to the code base is great since it is often easier and cheaper to fix these issues when they are found early. Scanning the source code for known vulnerabilities, which is what gosec does, is one way to detect security issues early on. Having security integrated in the DevOps workflow also alleviates the potential bottleneck of having a completely separate security team having to review each new update, which could delay deployment. \ No newline at end of file +Detecting vulnerabilities as soon as new code is commited to the code base is great since it is often easier and cheaper to fix these issues when they are found early. Scanning the source code for known vulnerabilities, which is what gosec does, is one way to detect security issues early on. Having security integrated in the DevOps workflow also alleviates the potential bottleneck of having a completely separate security team having to review each new update, which could delay deployment. + +- KillerCoda: [KillerCoda link](https://killercoda.com/lvainio/scenario/gosec) +- GitHub: [GitHub link](https://github.com/lvainio/executable-tutorial-dd2482) \ No newline at end of file From a14c3a0556e419608905d3b0539053de2501da6b Mon Sep 17 00:00:00 2001 
From: David <58865236+dvavd@users.noreply.github.com> Date: Thu, 3 Oct 2024 07:19:29 +0200 Subject: [PATCH 32/56] Added Feedback (#2586) * Create dvavd-muhammad1928 * Delete contributions/presentation/week3/dvavd-muhammad1928 * Create README.md for presentation * Rename folder from dvavd-muhammad1928 to streuli-mnem * update according to discussion in PR: highlight flyway as a tool for database versioning. * Update contributions/presentation/week3/streuli-mnem/README.md Thanks! Co-authored-by: Aman Sharma * add proposal for feedback * adjust deadline * add team member * add readme for task proposal * add readme for task demo * add break * doc: fix the task category * remove readme * Update contributions/scientific-paper/week6/streuli-prerna/README.md Co-authored-by: Aman Sharma * add description of SAST and DAST * Add notification that feedback was added --------- Co-authored-by: David Streuli Co-authored-by: Aman Sharma Co-authored-by: DavidCWQ --- contributions/feedback/streuli-mqnguyen/README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/contributions/feedback/streuli-mqnguyen/README.md b/contributions/feedback/streuli-mqnguyen/README.md index db165c8c98..739bcc474f 100644 --- a/contributions/feedback/streuli-mqnguyen/README.md +++ b/contributions/feedback/streuli-mqnguyen/README.md @@ -19,4 +19,6 @@ Task 1 ## Description -We would like to submit feedback for [#2423](https://github.com/KTH/devops-course/pull/2423) \ No newline at end of file +We would like to submit feedback for [#2423](https://github.com/KTH/devops-course/pull/2423) + +The feedback has been added [here](https://github.com/KTH/devops-course/pull/2423#issuecomment-2389168718). From f139f975548ed5e46d5ba94c069491a82cde57ca Mon Sep 17 00:00:00 2001 
From: Hampus Hallkvist <30767818+hampfh@users.noreply.github.com> Date: Thu, 3 Oct 2024 07:21:06 +0200 Subject: [PATCH 33/56] Add submission for hampushallkvist and melvinjakobsson (#2575) Co-authored-by: Melvin Jakobsson --- contributions/executable-tutorial/hallkvi-melvinj/README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/contributions/executable-tutorial/hallkvi-melvinj/README.md b/contributions/executable-tutorial/hallkvi-melvinj/README.md index adbda43df4..31aaf685a4 100644 --- a/contributions/executable-tutorial/hallkvi-melvinj/README.md +++ b/contributions/executable-tutorial/hallkvi-melvinj/README.md @@ -27,3 +27,9 @@ Elements of the tutorial: **Relevance** While cloud providers such as Google Cloud Platform, AWS, Azure etc provide great value, they come at a cost. Both in terms of the financials of running infrastructure on them but also in terms of security and privacy. Self-hosted continuous deployment is an option, but the setup can be complicated. The most important steps are the containerization of the application and integration of continuous delivery to a container registry, like the GitHub container registry. + +**Submission** + +The Git Repo of the tutorial: https://github.com/kth-cdate-courses/DD2482-executable-tutorial + +The tutorial: https://killercoda.com/hampushallkvist-melvinjakobsson From 71d5da8841aaf3d4c4416527a0c82622c78e02cf Mon Sep 17 00:00:00 2001 From: Alexanderliu2002 <144798511+Alexanderliu2002@users.noreply.github.com> Date: Sun, 6 Oct 2024 18:06:24 +0200 Subject: [PATCH 34/56] Week 7: Presentation proposal (#2585) * Create aleliu-jakstrom * feedback proposal * . * Update README.md * added gustaf * presentation proposal * presentation proposal --- .../week7/aleliu-jakstrom/README.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 contributions/presentation/week7/aleliu-jakstrom/README.md 
diff --git a/contributions/presentation/week7/aleliu-jakstrom/README.md b/contributions/presentation/week7/aleliu-jakstrom/README.md new file mode 100644 index 0000000000..9ee7fa423f --- /dev/null +++ b/contributions/presentation/week7/aleliu-jakstrom/README.md @@ -0,0 +1,27 @@ +# Assignment Proposal + +## Title + +Understanding GDPR and its importance for DevOps + +## Names and KTH ID + + - Alexander Liu (aleliu@kth.se) + - Jakob Ström (jakstrom@kth.se) + +## Deadline + +- Week 7 + +## Category + +- Presentation + + +## Description + +In this presentation we will explain what GDPR is and how it impacts DevOps. In this presentation, we will go through how to follow GDPR with good DevOps practices. + +**Relevance** + +GDPR has had a great consequences on software engineering and how DevOps-developers must work in order to comply and minimize risks of unintentional compliance breaches. \ No newline at end of file From b2c923a223cbef4eedf5a9b042eb8334a7d1b767 Mon Sep 17 00:00:00 2001 From: Max Israelsson Date: Mon, 7 Oct 2024 13:09:44 +0200 Subject: [PATCH 35/56] Executable tutorial proposal (#2574) * Create README.md * docs: add README.md --- .../maxisr-raeef/README.md | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 contributions/executable-tutorial/maxisr-raeef/README.md diff --git a/contributions/executable-tutorial/maxisr-raeef/README.md b/contributions/executable-tutorial/maxisr-raeef/README.md new file mode 100644 index 0000000000..89cb1f9972 --- /dev/null +++ b/contributions/executable-tutorial/maxisr-raeef/README.md 
@@ -0,0 +1,28 @@ +# Assignment Proposal + +## Title + +Dependency Management and Security Auditing in npm with Snyk + GitHub Actions + +## Names and KTH ID + +- Max Israelsson (maxisr@kth.se) +- Rafael Bechara (raeef@kth.se) + +## Deadline + +- Task 3 + +## Category + +- Executable Tutorial + +## Description + +We will guide users through managing, checking, and securing npm dependencies. The tutorial will start with using npm audit for basic vulnerability detection. We will then show how to add Snyk for better scanning and analysis. We'll also include a section on how to integrate this with GitHub Actions, showing how to create the necessary YAML files. + +We want to create this executable tutorial with Killercoda. + +**Relevance** + +This is relevant for DevOps because keeping dependencies secure makes the software safer and more reliable, which can help prevent issues from reaching production. \ No newline at end of file From 907729ab568c8712f9754ba4268c8155ab2eb61d Mon Sep 17 00:00:00 2001 From: Hexu <150388632+HexuL@users.noreply.github.com> Date: Mon, 7 Oct 2024 13:10:58 +0200 Subject: [PATCH 36/56] Executable tutorial proposal (#2573) * Add files via upload * Update README.md * Update README.md * Add files via upload * Add files via upload * Update README.md * Update README.md * Update README.md * Update README.md * Add files via upload * Update README.md --- .../hexu-tianning/README.md | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 contributions/executable-tutorial/hexu-tianning/README.md diff --git a/contributions/executable-tutorial/hexu-tianning/README.md b/contributions/executable-tutorial/hexu-tianning/README.md new file mode 100644 index 0000000000..d94f160f64 --- /dev/null +++ b/contributions/executable-tutorial/hexu-tianning/README.md 
@@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Using Skaffold for Local Kubernetes Development and CI/CD. + +## Names and KTH ID + +- Hexu Li (hexu@kth.se) +- Tianning Liang (tianning@kth.se) + +## Deadline + +- Task 3 + +## Category + +- Executable Tutorial + +## Description + +We will introduce how to use Skaffold for automating build, push, and deployment in a local Kubernetes cluster (Minikube). We plan to create a simple application, write its Dockerfile and Kubernetes manifest, and use Skaffold to streamline development. + +**Relevance** + +Skaffold can simplify the CI/CD process and speed up deployment, making it easier to modify and debug configurations. From 9b0fdc9a54d16d059f7c3b04d82a81c32bf9677c Mon Sep 17 00:00:00 2001 From: Limph1 <50419178+Limph1@users.noreply.github.com> Date: Mon, 7 Oct 2024 13:12:02 +0200 Subject: [PATCH 37/56] Feedback proposal (#2581) * Feedback proposal * added collaborator --- contributions/feedback/arberl-liley/README.md | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 contributions/feedback/arberl-liley/README.md diff --git a/contributions/feedback/arberl-liley/README.md b/contributions/feedback/arberl-liley/README.md new file mode 100644 index 0000000000..7c92704756 --- /dev/null +++ b/contributions/feedback/arberl-liley/README.md @@ -0,0 +1,22 @@ +# Assignment Proposal + +## Title + +Feedback on "Setting Up a Dashboard using Splunk" + +## Names and KTH ID + +- Arber Limani (arberl@kth.se) +- Jonas Liley (liley@kth.se) + +## Deadline + +- Task 3 + +## Category + +- Feedback + +## Description + +We would like to give feedback for [this executable tutorial](https://github.com/KTH/devops-course/pull/2451). From 7927ab5833023c420d33340f79d66415504e0134 Mon Sep 17 00:00:00 2001 
From: linusPersonalGit Date: Mon, 7 Oct 2024 13:15:43 +0200 Subject: [PATCH 38/56] Executable tutorial proposal (#2572) * Create README.md * Update README.md --- .../linussve-vanjav/README.md | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 contributions/executable-tutorial/linussve-vanjav/README.md diff --git a/contributions/executable-tutorial/linussve-vanjav/README.md b/contributions/executable-tutorial/linussve-vanjav/README.md new file mode 100644 index 0000000000..07a029a46b --- /dev/null +++ b/contributions/executable-tutorial/linussve-vanjav/README.md @@ -0,0 +1,33 @@ +**The pull request must both contain a README.md and have description following this template:** + +**The README.md file must be located in the directory**: + +`contributions//[/]-/README.md` + +# Assignment Proposal + +## Title + +Headless web testing using Selenium in Python + +## Names and KTH ID + + - Vanja Vidmark (vanjav@kth.se) + - Linus Svensson (linussve@kth.se) + +## Deadline + +- Task 3 + +## Category + +- Executable tutorial + +## Description + +We will an executable tutorial of doing headless testing on a web browser using Selenium. We will include showing how selenium can be used to automate web actions from Python. Then we will write tests in unitest using these automated actions such as filling out forms and navigating through multiple web pages. +We will analyze the results of the tests, and explain how these tests can be integrated in a CI/CD pipeline. The tutorial will be made using Google Colab. + +**Relevance** + +Selenium is a tool that automates web actions that easily can be integrated in testing of a web app. The topic of DevOps highly regards automation, optimization and general improvements in the structure of a project. Few things align more with DevOps more than automated web testing. Considering that it is vastly beneficial for developers. From 22b3f31c343448fde9ed6567f9fca346c975a20d Mon Sep 17 00:00:00 2001 
From: Lindefor <83233481+Lindefor@users.noreply.github.com> Date: Mon, 7 Oct 2024 15:16:20 +0200 Subject: [PATCH 39/56] Executable tutorial: proposal (#2529) * Week 6 Demo Proposal * correct tutorial proposal * Update README.md * add feedback proposal * remove feedback proposal from this branch --- .../tljun-lindefor/README.md | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 contributions/executable-tutorial/tljun-lindefor/README.md diff --git a/contributions/executable-tutorial/tljun-lindefor/README.md b/contributions/executable-tutorial/tljun-lindefor/README.md new file mode 100644 index 0000000000..23f8bf0f3a --- /dev/null +++ b/contributions/executable-tutorial/tljun-lindefor/README.md 
@@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Working with Kubernetes and Docker to deploy and scale a web application + +## Names and KTH ID + +- Tobias Ljunggren (tljun@kth.se) +- Martin Lindefors (lindefor@kth.se) + +## Deadline + +- Task 2 + +## Category + +- executable-tutorial + +## Description + +This tutorial provides a guide to building, containerizing, and deploying a Node.js application using Docker and Kubernetes on a single local system. Participants will start by creating a small Node.js application. They will then learn how to create a Dockerfile to containerize the application and run it locally to verify functionality. The tutorial continues with setting up a local Kubernetes cluster using Minikube. Participants will deploy the Docker container to Kubernetes, expose it via a Service, and scale the application by increasing the number of replicas. Moving on to more advanced features, the tutorial will demonstrate how to implement role-based access control (RBAC) within the Kubernetes environment. This is to show how you can manage permissions and ensure that different users and services have the appropriate level of access to resources. The tutorial will contain how to set up RBAC policies, create roles and role bindings, and assign them to users and service accounts. The tutorial will also use the Kubernetes secrets functionality. + +**Relevance** + +This tutorial is relevant to DevOps since it teaches important skills in containerization and orchestration using Docker and Kubernetes. By learning how to build, deploy, and scale applications in a consistent and automated way, tutorial participants will be more prepared to work in complex application environments. Furthermore, Docker is a DevOps tool that everyone should be familiar with, and Kubernetes is required for scaling up a growing application. From e83a85eb641ff33a10a578aa55287e4f89c94eec Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Ar=C3=A9jula=20A=C3=ADsa?= Date: Mon, 7 Oct 2024 15:16:37 +0200 Subject: [PATCH 40/56] contribution submission (#2571) * Week 3: demo proposal * sections * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md --------- Co-authored-by: Jacopo Maragna <91907141+jackma-00@users.noreply.github.com> --- .../open-source/inigoaa-jmaragna/README.md | 68 +++++++++++++++++++ 1 file changed, 68 insertions(+) diff --git a/contributions/open-source/inigoaa-jmaragna/README.md b/contributions/open-source/inigoaa-jmaragna/README.md index 25c45a7413..468a58e58f 100644 --- a/contributions/open-source/inigoaa-jmaragna/README.md +++ b/contributions/open-source/inigoaa-jmaragna/README.md 
@@ -34,3 +34,71 @@ Now, an outline of the various tasks we aim to solve: Prometheus is crucial in DevOps for its ability to monitor (Week 7) and analyze system performance in real-time. It helps teams collect metrics, set alerts, and automate responses, ensuring system reliability and quick incident resolution. This enhances the core DevOps practices of continuous integration, deployment, and collaboration. Link: https://github.com/prometheus/prometheus/pull/14958 + + +**Finding the task** + +After exploring potential projects on the Cloud Native Computing Foundation [website](https://www.cncf.io/projects/), we initially considered contributing to [Backstage](https://www.cncf.io/projects/backstage/) or [Kubeflow](https://www.cncf.io/projects/kubeflow/). Ultimately, we decided to contribute to Prometheus, a project highly relevant to our DevOps course. We reached out to the maintainers through the Cloud Native Computing Foundation Slack, where they recommended we begin with this [issue](https://github.com/prometheus/prometheus/issues/13959), which is described earlier in the file. + +We carefully reviewed the discussion surrounding the issue, gaining a clear understanding of both the problem and the proposed solutions. After expressing our interest in working on the issue and requesting further guidance, one of the maintainers suggested we reference an abandoned [pull request](https://github.com/prometheus/prometheus/pull/14160). Once we were assigned the issue, we used that input as a foundation and began working on the solution. + +**Understanding the project architecture and source code** +After being assigned the issue by a project maintainer, we decided that the best way to set up the environment and understand the project was by running the tests within the project. We started by running `go test ./...` in the project's root directory. This command will install any required module defined in the `go.mod` file and run all the tests in the project. 
However we could not install the moduled, receiving the following error. +![version error](https://github.com/user-attachments/assets/f017e73a-264e-474e-af38-52b6217e23ea) + + +We did not know what was the cause of the error and there was not too much information about it on internet. We try to read the following files to find some information about the error: +- Makefile +- go.mod +- go.sum +- README.md +- Contributing.md + +We realize that the go version required was specified in the `go.mod` file, but was shocking that two differnt versions were specified `1.22` for go runtime and `1.23` for the toolchain, we realized that the default version provided in Ubuntu by `apt` was older than the required one, so we try to install the latest go version from the official website. After installing the latest version of go, we were able to tun the tests. However, they did not passed. We encountered several issues as not all dependencies were installed, nor were they clearly defined anywhere. To resolve this, we asked for guidance in the project's Slack channel. A maintainer recommended that we install the linter, but this alone was insufficient. We also discovered that we needed to install goyacc. + +Once that was done, some tests passed successfully, but we still encountered issues with tests in the UI folder. We realized that these tests were written in JavaScript, while the rest of the project, including our task, was primarily in Go. After reviewing the Makefile, we realized the test instructions allowed us to run only the Go tests. Once we reran the tests using the appropriate command, they all passed successfully. +```bash +make test GO_ONLY=1 +``` +After preparing our project, we decided to focus on our task and deeply understand the code we must change. 
As an orphan PR was related to our task we checked it to take some inspiration, this helped us to realise which files we should modify, however, the code was outdated and a review suggested many changes, so we decided to note the changes and start from scratch. +**Development** +As a team, we discussed how to approach the problem and created small subtasks that each team member could handle independently. Since the issue was related to the configuration of the Prometheus binary, the changes impacted both the main and scraper modules. The main module handles the various flags, while the scraper module is responsible for the logic related to the issue. + +At this point, we faced a decision: Should we remove the option entirely and make the new default the only available behaviour, or should we retain the option to allow the old behaviour as well? After reviewing previous discussions in Slack and on GitHub, we realized that the maintainers preferred removing the old behaviour. + +We divided the work by splitting each module into equal parts, allowing both of us to contribute simultaneously to both modules. + +After completing the changes and updating the tests, we ran the tests to ensure that the changes did not break any existing functionality. We also ran the linter to ensure that the code was clean and followed the project's standards. However, both of them failed. The Golang test told us that the documentation did not match the code. We updated the documentation manually but there was a way to do it automatically, after running the command for creating the doc, all tests passed. +![test_doc](https://github.com/user-attachments/assets/8fffa204-0c6f-47b7-9469-7465d1511643) + +The linter failed but gave us descriptive changes so was easy to solve them, after solving the linter issues we ran the tests again and all of them passed. So we made a commit and created the PR, which passed all the CI pipelines. 
+![lint error](https://github.com/user-attachments/assets/28e4512c-31ae-4ed3-bc9c-ceae5896e3f1) + +**Final issue** + +After completing all the necessary changes and ensuring our code passed all tests, we submitted a [PR](https://github.com/prometheus/prometheus/pull/14958) to Prometheus. While all tests were successful, we awaited approval from the maintainers. Although this was marked as a first issue, the changes we proposed could have broken the current v3 logic. As a result, the maintainers discussed how to smoothly integrate the new behaviour into future versions. + +However, after a few days of discussion, an unexpected situation arose. The original author of the previous, abandoned PR (which we had used for reference) suddenly reappeared and submitted changes after four months of inactivity. The maintainers, seemingly unaware of our prior conversations and the rationale behind our PR, questioned why we had submitted it, given its similarity to the older one. Despite the potential for our PR to be merged, they ultimately decided to close it and prioritize the original PR. + +We eventually clarified the situation with the maintainers, and they acknowledged the confusion. They recognized that our PR had been submitted in good faith following earlier discussions and the guidance we received. + +**Open-sources contribution grading criteria** + +To demonstrate how our contribution aligns with the grading criteria, we have compiled the following table outlining the key points we've addressed: + +| | Yes | No | +|-------------------------------------------- | ----|----| +|declaration of intention: The intention to contribute is declared in the project's preferred method (e.g., issue, mailing list). | Yes: issue | | +|work-in-progress (WIP): The contribution is marked as WIP until it is ready for review. 
| Yes: we were assigned and opened a PR with ongoing discussion | | +|ready for review: The contribution is marked as ready and announced for review when it is complete. | Yes: we passed all of the checks in the CI | | +|conversation: The contributor engages in conversation with the project maintainers, responding to feedback in a timely manner and making necessary changes. | Yes: check the conversation under the issue and our PR | | +|documentation: The contribution includes necessary documentation updates. | Yes: docs updated accordingly | | +|testing: The contribution includes necessary testing. | Yes: we modified tests and passed all of them | | +|code quality: The code contributed is of high quality, following the project's coding standards and guidelines. | Yes: passed the linting phase | | +|relevance: The contribution is relevant to the project's roadmap and adds value to the project. | Yes: breaking change so definitely yes. Long awaited issue | | +|difficulty: The contribution is a difficult piece of engineering, either a bug fix or a new feature (mandatory) | Yes: Prometheus is a big project and required us to gain a good understanding | | +|merge: The contribution is merged in the main branch of the target project.| | No: see issue with that | + +**Conclusion** + +Overall, this process has been a valuable experience for us in understanding a large open-source codebase. We learned how to identify important issues and explore how new solutions can be integrated into future versions. Contributing, even in a small way, to such a significant project was highly rewarding. Although the unexpected situation at the end was unfortunate, we successfully identified a good first issue, engaged with the maintainers, studied the project in depth, developed our solution, and opened a PR. The entire experience has been a great learning opportunity. From d76be86ef0bee1af5e069a66dec4b30be3ab2d5a Mon Sep 17 00:00:00 2001 
From: laullaurado <80075476+laullaurado@users.noreply.github.com> Date: Mon, 7 Oct 2024 15:17:57 +0200 Subject: [PATCH 41/56] Executable tutorial proposal (#2557) * Create README.md * Update README.md --- .../lllr-shahoud/README.md | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 contributions/executable-tutorial/lllr-shahoud/README.md diff --git a/contributions/executable-tutorial/lllr-shahoud/README.md b/contributions/executable-tutorial/lllr-shahoud/README.md new file mode 100644 index 0000000000..68a08b50b9 --- /dev/null +++ b/contributions/executable-tutorial/lllr-shahoud/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Simulating failures in applications using Chaos Mesh + +## Names and KTH ID + + - Lauren Lissette Llauradó Reyes (lllr@kth.se) + - Siham Shahoud (shahoud@kth.se) + +## Deadline + +- Task 3 + +## Category + +- Executable tutorial + +## Description + +Chaos Mesh is a tool that simulates faults in applications, mimicking real-world scenarios in development, testing and production environments. In this tutorial we're going to deploy a simple application and use Chaos Mesh to simulate network failures and stress scenarios. We will also guide the user through the inspection of the experiments' results using the Chaos Mesh dashboard and the command line. + +**Relevance** + +Chaos engineering is very important to identify potential failure points and correct them before they cause an actual outage or other disruption in our deployments. From 46627f07396cba7c41fc6f4e025e495fb059467f Mon Sep 17 00:00:00 2001 From: Amin Nouiser <57321964+noizy-sthlm@users.noreply.github.com> Date: Tue, 8 Oct 2024 01:30:17 +0200 Subject: [PATCH 42/56] Added final submission with links to the tutorial and Git Repo (#2568) ----- Co-authored-by: Sam Maltin --- contributions/executable-tutorial/smhanna-anouiser/README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) 
diff --git a/contributions/executable-tutorial/smhanna-anouiser/README.md b/contributions/executable-tutorial/smhanna-anouiser/README.md index e7b3485993..61abc3f189 100644 --- a/contributions/executable-tutorial/smhanna-anouiser/README.md +++ b/contributions/executable-tutorial/smhanna-anouiser/README.md @@ -23,4 +23,7 @@ The tutorial will demonstrate how to set up and manage a multibranch pipeline fo **Relevance** -As automation is a core principle of DevOps, this tutorial is highly relevant to good DevOps practices. \ No newline at end of file +As automation is a core principle of DevOps, this tutorial is highly relevant to good DevOps practices. + +Killercoda: https://killercoda.com/noizy-sthlm/scenario/killercoda +GitHub: https://github.com/noizy-sthlm/multibranch-k8s-cd-tutorial \ No newline at end of file From d1d09491e76ce4ddc0864fa1da6ff7a4c43a5195 Mon Sep 17 00:00:00 2001 From: Smissen <71182201+Smissen@users.noreply.github.com> Date: Tue, 8 Oct 2024 01:44:45 +0200 Subject: [PATCH 43/56] Executable Tutorial Proposal - jmatsso, oschel (#2565) * add README.md * change to task * maybe fix check? * add assignment proposal * Made link to devops stronger --- .../jmatsso-oschel/README.md | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 contributions/executable-tutorial/jmatsso-oschel/README.md diff --git a/contributions/executable-tutorial/jmatsso-oschel/README.md b/contributions/executable-tutorial/jmatsso-oschel/README.md new file mode 100644 index 0000000000..d66dff948a --- /dev/null +++ b/contributions/executable-tutorial/jmatsso-oschel/README.md 
@@ -0,0 +1,30 @@ +# Assignment Proposal + +## Title + +Profiling Python Applications Without Modifying Code With Py-Spy + +## Names and KTH ID + + - Johannes Matsson (jmatsso@kth.se) + - Oscar Hellgren (oschel@kth.se) + +## Deadline + +- Task 3 + +## Category + +- Executable tutorial + +## Description + +We will be using this tutorial to show how to use py-spy, a python sampling profiler, to quickly improve performance. The tool tracks how much time is spent executing various parts of the program which helps the developer narrow down problematic areas of code faster. It can be attached to running python process, without code change or restarts required. All with a low overhead that makes it suitable to be used even in production + +**Relevance** + +The flexibility and automation of the tool makes it suitable in fast moving environments where it helps developers save time performance tuning, reducing time from coding to user. It can then be used in production to monitor performance so elusive bugs can be stopped easier. Identifying bottlenecks is not always easy in production code and using tools such as py-spy that can help with profiling and tracing makes it much easier for developers to do their job, therefore it is om importance to DevOps. + +The insights gained from local profiling with py-spy can directly inform what to monitor in production. For example, if local profiling highlights specific functions or parts of the code that are resource-intensive, these areas can become key monitoring metrics in production +Py-spy works well in production environments, where it can be attached to running Python applications without restarting or modifying the code. This non-intrusive capability is critical in production monitoring, as downtime or code changes are often not acceptable. +Some other features except that it can attach to running processes is that it has low overhead and also can produce flame-graphs for visualisation. 
Also py-spy can be used both for pre-deployment testing and post-deployment monitoring for example in canary or blue-green deployments \ No newline at end of file From 597e99fb30eba46ebc38a5f57d12549b38bbccc9 Mon Sep 17 00:00:00 2001 From: Flug0 <92332371+Flug0@users.noreply.github.com> Date: Tue, 8 Oct 2024 02:03:56 +0200 Subject: [PATCH 44/56] Week 7: Presentation Proposal (#2592) * Added demo proposal * Week 7, presentation proposal * Update title --- .../week7/hugomal-oschel/README.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 contributions/presentation/week7/hugomal-oschel/README.md diff --git a/contributions/presentation/week7/hugomal-oschel/README.md b/contributions/presentation/week7/hugomal-oschel/README.md new file mode 100644 index 0000000000..5e4837b1a6 --- /dev/null +++ b/contributions/presentation/week7/hugomal-oschel/README.md @@ -0,0 +1,27 @@ +# Assignment Proposal + +## Title + +ChatOps Bots for Monitoring and Incident Response in DevOps + +## Names and KTH ID + + - Oscar Hellgren (oschel@kth.se) + - Hugo Malmberg (hugomal@kth.se) + +## Deadline + +- Week 7 + +## Category + +- Presentation + + +## Description + +In this presentation we will explain software bots and how they can be used to monitor platforms, both to quickly spot issues in production and speed up testing. + +**Relevance** + +Getting quick updates on issues is important, especially in production where the consequences can be large. Monitoring can also speed up testing of software, thus decreasing the time from coding to production while keeping high quality. From 9e1d2c9ec6657f91a6fcf78ba251c43e6ce7bc47 Mon Sep 17 00:00:00 2001 From: TobbeCarlsson <76130967+TobbeCarlsson@users.noreply.github.com> Date: Tue, 8 Oct 2024 02:08:06 +0200 Subject: [PATCH 45/56] feedback PR (#2588) --- .../feedback/tocarls-lindefor/README.md | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 contributions/feedback/tocarls-lindefor/README.md 
diff --git a/contributions/feedback/tocarls-lindefor/README.md b/contributions/feedback/tocarls-lindefor/README.md new file mode 100644 index 0000000000..283ffa840a --- /dev/null +++ b/contributions/feedback/tocarls-lindefor/README.md @@ -0,0 +1,22 @@ +# Assignment Proposal + +## Title + +Feedback for Presentation [AI Anomaly Detection for log monitoring](https://github.com/KTH/devops-course/pull/2496) + +## Names and KTH ID + + - Tobias Carlsson (tocarls@kth.se) + - Martin Lindefors (lindefor@kth.se) + +## Deadline + +- Task 3 + +## Category + +- Feedback + +## Description + +We will provide feedback to the Presentation [AI Anomaly Detection for log monitoring](https://github.com/KTH/devops-course/pull/2496) made by Melvin Jakobsson and Jonatan Tuvstedt. We have confirmed with them that this is okay. \ No newline at end of file From 1a956da920fadba3df1032fde4f542f2ff6e4305 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Thiberg?= <42668688+bjornthiberg@users.noreply.github.com> Date: Tue, 8 Oct 2024 02:09:58 +0200 Subject: [PATCH 46/56] Feedback proposal executable tutorial (#2593) --- contributions/feedback/bthiberg-omidfm.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 contributions/feedback/bthiberg-omidfm.md diff --git a/contributions/feedback/bthiberg-omidfm.md b/contributions/feedback/bthiberg-omidfm.md new file mode 100644 index 0000000000..a0f15e2ded --- /dev/null +++ b/contributions/feedback/bthiberg-omidfm.md @@ -0,0 +1,22 @@ +# Assignment Proposal + +## Title + +Feedback for "Monitoring ML Model Predictions with Prometheus" tutorial. + +## Names and KTH ID + + - Björn Thiberg (bthiberg@kth.se) + - Omid Fattahi Mehr (omidfm@kth.se) + +## Deadline + +- Task 3 + +## Category + +- Feedback + +## Description + +We would like to give feedback to the Executable tutorial "Monitoring ML Model Predictions with Prometheus", proposed in #2563. From 708b4681bcbcfdb00439f071a69a977c7c33ddb7 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Daniel=20Lai=20Wikstr=C3=B6m?= <73502398+dannolaius@users.noreply.github.com> Date: Tue, 8 Oct 2024 02:11:35 +0200 Subject: [PATCH 47/56] Create linussve-daniellw (#2599) --- .../presentation/week7/linussve-daniellw | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 contributions/presentation/week7/linussve-daniellw diff --git a/contributions/presentation/week7/linussve-daniellw b/contributions/presentation/week7/linussve-daniellw new file mode 100644 index 0000000000..59fad7ed77 --- /dev/null +++ b/contributions/presentation/week7/linussve-daniellw @@ -0,0 +1,24 @@ +# Assignment Proposal + +## Title + +Metrics vs Logging for DevOps Monitoring (Comparing Prometheus and ELK Stack) + +## Names and KTH ID + + - Linus Svensson (linussve@kth.se) + - Daniel Lai Wikström (daniellw@kth.se) + +## Deadline + +- Week 7 + +## Category + +- Presentation + +Monitoring is critical in DevOps because it enables the developer to detect issues early, ensure system reliability and performance, as well as provide data for troubleshooting and optimisation. The two types of monitoring, metrics and logs, are both valid options, each with the possibility to be the optimal solution depending on the scenario. To know when to use what type of monitoring, is vastly beneficial for a DevOps engineer. + +**Relevance** + +In this presentation we’ll be looking at the tools Prometheus and ELK stack for monitoring. The tools represent two different approaches to observability. ELK stack analyzes log data while Prometheus looks at metrics. We’ll then be comparing the two to determine the types of situation where each tool excels. From bdfacdcd28e0bfc5fa77a5600354e283b9c0e8fb Mon Sep 17 00:00:00 2001 
From: Jonatan Tuvstedt <57487033+Glassar@users.noreply.github.com> Date: Tue, 8 Oct 2024 02:14:26 +0200 Subject: [PATCH 48/56] Added Feedback (#2612) * Set up proposal README * Flesh out description * Add relevance section * Set up PR README * First PR draft * Update README.md --- contributions/feedback/jtuv-jmaragna/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/contributions/feedback/jtuv-jmaragna/README.md b/contributions/feedback/jtuv-jmaragna/README.md index d25e08eafb..dfb10327e7 100644 --- a/contributions/feedback/jtuv-jmaragna/README.md +++ b/contributions/feedback/jtuv-jmaragna/README.md @@ -21,3 +21,5 @@ Feedback for Executable Tutorial [Managing project dependencies with Devbox](htt We will provide feedback to the Executable Tutorial [Managing project dependencies with Devbox](https://github.com/KTH/devops-course/pull/2470) made by Íñigo Aréjula Aísa and Pere Mateu Raventós on Devbox. + +The feedback has been added [here](https://github.com/KTH/devops-course/pull/2470#issuecomment-2396379123) From 2b3fd98bab757a42821548d4a35ef4cf7fc547f9 Mon Sep 17 00:00:00 2001 From: Tom Sorger <61782513+t-sorger@users.noreply.github.com> Date: Tue, 8 Oct 2024 02:19:34 +0200 Subject: [PATCH 49/56] fix link for scientific paper criteria (#2601) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 93646478d5..dcceb24c55 100644 --- a/README.md +++ b/README.md 
@@ -49,7 +49,7 @@ The schedule is at To pass the course, the student has to complete and pass between 3 and 5 tasks: -* The tasks are in category: "[presentation (mandatory)](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#presentations)", "[demo (mandatory)](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#demos)", "[scientific paper](https://github.com/KTH/devops-course/blob/2024/grading-criteria.paper)", "[executable tutorial](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#executable-tutorials)", "[contribution to open-source](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#open-source-contributions)", "[feedback](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#feedback)" (presentation and demos are mandatory, at most one in the same category, it is not necessary to cover everything). +* The tasks are in category: "[presentation (mandatory)](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#presentations)", "[demo (mandatory)](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#demos)", "[scientific paper](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#scientific-papers)", "[executable tutorial](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#executable-tutorials)", "[contribution to open-source](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#open-source-contributions)", "[feedback](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#feedback)" (presentation and demos are mandatory, at most one in the same category, it is not necessary to cover everything). * The [grading criteria page](grading-criteria.md) is the unique reference which explains how to pass each task category. * The student proposes a category and a topic, which is discussed and accepted by the TA. 
The proposal is made as a [structured pull-request](https://github.com/KTH/devops-course/blob/2024/.github/pull_request_template.md) on this repository. The 3-5 graded contributions must have little overlap. * The same student cannot choose the same topic for two different tasks. The 3-5 tasks should cover different aspects of DevOps. From d6bf83dfe918c73f18a2de53c4c9ab42c6ac1b05 Mon Sep 17 00:00:00 2001 From: DavidQ Date: Tue, 8 Oct 2024 02:23:12 +0200 Subject: [PATCH 50/56] doc: add feedback proposal for week 7 demo (#2607) --- contributions/feedback/wenqic-amano/README.md | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 contributions/feedback/wenqic-amano/README.md diff --git a/contributions/feedback/wenqic-amano/README.md b/contributions/feedback/wenqic-amano/README.md new file mode 100644 index 0000000000..94cc993bfb --- /dev/null +++ b/contributions/feedback/wenqic-amano/README.md @@ -0,0 +1,25 @@ +# Assignment Proposal + +## Title + +Feedback on Demo [Infrastructure as Code Using Ansible Playbooks](contributions/demo/week7/arberl-sorger) + +## Names and KTH ID + + - Wenqi Cao (wenqic@kth.se) + - Katsutoshi Amano (amano@kth.se) + +## Deadline + +- Task 3 + +## Category + +- Feedback + +## Description + +We would like to provide a feedback for [Infrastructure as Code Using Ansible Playbooks](https://github.com/KTH/devops-course/tree/2024/contributions/demo/week7/arberl-sorger) + +The feedback will be posted as a comment under their PR. + From 19e794e7970886d9970f235c5cc88fb2c056f094 Mon Sep 17 00:00:00 2001 From: peremateu <101317967+peremateu@users.noreply.github.com> Date: Tue, 8 Oct 2024 02:23:54 +0200 Subject: [PATCH 51/56] Added submitted state (#2600) --- contributions/executable-tutorial/peremr-inigoaa/README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/contributions/executable-tutorial/peremr-inigoaa/README.md b/contributions/executable-tutorial/peremr-inigoaa/README.md index af9fa301ca..2f48fbead0 100644 
--- a/contributions/executable-tutorial/peremr-inigoaa/README.md +++ b/contributions/executable-tutorial/peremr-inigoaa/README.md @@ -32,3 +32,6 @@ Devbox is relevant to DevOps as it simplifies creating reproducible development **Links to our tutorial** Killercoda [https://killercoda.com/arejula27/scenario/devbox-tutorial](https://killercoda.com/arejula27/scenario/devbox-tutorial) Github repository [https://github.com/arejula27/devbox-tutorial](https://github.com/arejula27/devbox-tutorial) + +**State** +Submitted \ No newline at end of file From ee5b9cc37dd2c071c4e3ff12867b4cf17697e109 Mon Sep 17 00:00:00 2001 From: kninks <92243748+kninks@users.noreply.github.com> Date: Tue, 8 Oct 2024 02:24:57 +0200 Subject: [PATCH 52/56] Create README.md (#2610) --- .../feedback/sapinski-kankanit/README.md | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 contributions/feedback/sapinski-kankanit/README.md diff --git a/contributions/feedback/sapinski-kankanit/README.md b/contributions/feedback/sapinski-kankanit/README.md new file mode 100644 index 0000000000..1344e1610e --- /dev/null +++ b/contributions/feedback/sapinski-kankanit/README.md @@ -0,0 +1,24 @@ +# Assignment Proposal + +## Title + +Feedback for Executable Tutorial "Setting Up OPA for Kubernetes Policy Enforcement". + +## Names and KTH ID + +- Christopher Sapinski (sapinski@kth.se) +- Kankanit Suppataratarn (kankanit@kth.se) + +## Deadline + +- Task 3 + +## Category + +- Feedback + +## Description + +We would like to give feedback on the executable tutorial "Setting Up OPA for Kubernetes Policy Enforcement" + +Executable tutorial: https://github.com/KTH/devops-course/pull/2609. From a032a29ed10e0ec081143934c6522c6c514ded61 Mon Sep 17 00:00:00 2001 From: Martin Monperrus Date: Tue, 8 Oct 2024 10:17:02 +0200 Subject: [PATCH 53/56] week7 --- contributions/README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) 
diff --git a/contributions/README.md b/contributions/README.md index 8644d9e014..549d4230d6 100644 --- a/contributions/README.md +++ b/contributions/README.md @@ -114,3 +114,16 @@ General Intro about the course. 1. [Using static analysis with SonarCloud to identify security flaws.](https://github.com/KTH/devops-course/pull/2558) 1. [Automating Private Dependency Management and Version Integration](https://github.com/KTH/devops-course/pull/2569) +### Week 7 + +1. [DevOps Education - Challenges and Recommendations](https://github.com/KTH/devops-course/pull/2448) +1. [RefBot: Intelligent Software Refactoring Bot](https://github.com/KTH/devops-course/pull/2456) +1. [AI Anomaly Detection for log monitoring](https://github.com/KTH/devops-course/pull/2496) +1. [Infrastructure as Code Using Ansible Playbooks](https://github.com/KTH/devops-course/pull/2536) +1. [DevOps at Scale: Managing Complex Service Architectures in Large Technical Companies](https://github.com/KTH/devops-course/pull/2523) +1. [Chaos Engineering with Chaos Monkey](https://github.com/KTH/devops-course/pull/2549) +1. [Data Version Control for MLOps with DVC](https://github.com/KTH/devops-course/pull/2560) +1. [A Case Study of Developer Bots: Motivations, Perceptions, and Challenges](https://github.com/KTH/devops-course/pull/2532) +1. [Understanding GDPR and its importance for DevOps](https://github.com/KTH/devops-course/pull/2585) +1. [ChatOps Bots for Monitoring and Incident Response in DevOps](https://github.com/KTH/devops-course/pull/2592) + From b96c5f383332afb968d368624af297447f68b8b8 Mon Sep 17 00:00:00 2001 
From: Jonas-Liley <44163160+Jonas-Liley@users.noreply.github.com> Date: Tue, 8 Oct 2024 11:31:44 +0200 Subject: [PATCH 54/56] Week 7: Presentation proposal (#2614) * Added proposal * Week 6: Scientific paper proposal * Added demo proposal * Add contribution week7 * Remove prior proposal --------- Co-authored-by: Jonas Liley Co-authored-by: Jonas Liley --- .../presentation/week7/liley/README.md | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 contributions/presentation/week7/liley/README.md diff --git a/contributions/presentation/week7/liley/README.md b/contributions/presentation/week7/liley/README.md new file mode 100644 index 0000000000..bb68e51133 --- /dev/null +++ b/contributions/presentation/week7/liley/README.md @@ -0,0 +1,25 @@ +# Assignment Proposal + +## Title + +Software licencing overview and compliance automation + +## Names and KTH ID + +- Jonas Liley (liley@kth.se) + +## Deadline + +- Week 7 + +## Category + +- Presentation + +## Description + +In this presentation we will introduce the different licencing types and cover some of the most common licences including their implications. We will also propose (a) solution(s) to automate licence compliance checks using code/tools in a CI/CD pippeline. + +**Relevance** + +Licenses are an important topic for legal compliance and risk mitigation, especially if the produced software product is supposed to be re-licensed and sold. As one can see with the license change of elasticsearch from an open-source Apache 2.0 license to a more restrictive Server Side Public License (SSPL), software licensing can have a massive impact on companies and software products. From 7b45f921e7a545c60162e3688b03281bc4eee651 Mon Sep 17 00:00:00 2001 From: Diogo Correia Date: Tue, 8 Oct 2024 11:32:12 +0200 Subject: [PATCH 55/56] task 2: diogotc-rmfseo feedback submission (#2578) Submission for PR #2564 --- contributions/feedback/diogotc-rmfseo/README.md | 4 ++++ 1 file changed, 4 insertions(+) 
diff --git a/contributions/feedback/diogotc-rmfseo/README.md b/contributions/feedback/diogotc-rmfseo/README.md index e4f206ce5a..126ce0f415 100644 --- a/contributions/feedback/diogotc-rmfseo/README.md +++ b/contributions/feedback/diogotc-rmfseo/README.md @@ -21,3 +21,7 @@ Feedback ## Description We want to provide feedback to Tomás and Wenqi before their presentation on Wednesday. + +**Feedback Submission** + +The feedback can be found as a [comment on the PR](https://github.com/KTH/devops-course/pull/2546#issuecomment-2386235473). From 20961f956c1d224d125b34f9b05bde33602d05f6 Mon Sep 17 00:00:00 2001 From: Jonas-Liley <44163160+Jonas-Liley@users.noreply.github.com> Date: Tue, 8 Oct 2024 11:34:53 +0200 Subject: [PATCH 56/56] Demo week7 (#2598) * Added proposal * Week 6: Scientific paper proposal * Added demo proposal * Removed last weeks proposal --------- Co-authored-by: Jonas Liley Co-authored-by: Jonas Liley --- contributions/demo/week7/liley/README.md | 25 ++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 contributions/demo/week7/liley/README.md diff --git a/contributions/demo/week7/liley/README.md b/contributions/demo/week7/liley/README.md new file mode 100644 index 0000000000..3d30fc4847 --- /dev/null +++ b/contributions/demo/week7/liley/README.md 
@@ -0,0 +1,25 @@ +# Assignment Proposal + +## Title + +Creating security obervability with Wazuh + +## Names and KTH ID + + - Jonas Liley (liley@kth.se) + +## Deadline + +- Week 7 + +## Category + +- Demo + +## Description + +The demonstration will involve setting up a Wazuh server alongside an additional server that will simulate a production environment. I will walk through the process of adding a new server to be monitored by Wazuh, enabling Wazuh to collect and analyze logs, detect vulnerabilities, and monitor system integrity. The demo will also include real-time detection of suspicious activities and automated alerting on potential security incidents. + +**Relevance** + +With the increasing complexity of modern infrastructure, gaining deep security observability across all systems is essential for proactive threat detection and mitigation. Wazuh, as an open-source security monitoring platform, addresses these needs. This demo highlights Wazuh’s capability to centralize security data, helping organizations detect vulnerabilities, track incidents, and ensure compliance, all within a one dashboard.
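Review bot: In PATCH 50/56 (contributions/feedback/wenqic-amano/README.md), the Title links to the relative path "contributions/demo/week7/arberl-sorger", which resolves from the README's own directory (contributions/feedback/wenqic-amano/) and so will not reach the demo folder. Reuse the absolute URL already given in the Description, or write the path as "../../demo/week7/arberl-sorger". The Description also says the feedback will be posted "as a comment under their PR" without linking that PR; adding the link makes the submission traceable later.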
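Review bot: In PATCH 51/56 (contributions/executable-tutorial/peremr-inigoaa/README.md), the added "Submitted" line ends the file without a trailing newline, as the "\ No newline at end of file" marker shows. End the file with a newline so that the next append to this README does not also show "Submitted" as a changed line.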
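Review bot: In PATCH 54/56 (contributions/presentation/week7/liley/README.md), the Description leaves the automation part open with "(a) solution(s) to automate licence compliance checks using code/tools", which does not say what will actually be presented. Name the tool or approach and the pipeline stage where the check runs. Spelling is inconsistent between "licencing"/"licence" in the Title and Description and "Licenses"/"licensing" under Relevance, and "pippeline" should be "pipeline". The commit message still lists squashed steps such as "Week 6: Scientific paper proposal" and "Added demo proposal" although the diffstat shows one new file; trimming it to the presentation proposal would match the change.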
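Review bot: In PATCH 55/56 (contributions/feedback/diogotc-rmfseo/README.md), the commit message says "Submission for PR #2564" while the added link points at pull/2546#issuecomment-2386235473, so it is unclear from the change alone which number is the feedback proposal and which is the presentation being reviewed. Say in the "Feedback Submission" paragraph which PR the comment was posted on and which PR this submission completes.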
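Review bot: In PATCH 56/56 (contributions/demo/week7/liley/README.md), the Description promises "real-time detection of suspicious activities and automated alerting on potential security incidents" but never states which activity will be produced on the monitored server or which alert is expected, so the demo cannot be checked against the proposal. Name one or two concrete scenarios, for example a change caught by the system integrity monitoring the Description already mentions, and the alert each should raise. The Title misspells "observability" as "obervability", and "all within a one dashboard" should read "all within one dashboard".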