Skip to content

Commit efa09fe

Browse files
AlessandroColiAlessandroColi
authored
Executable tutorial Proposal (#2882)
* Create README.md * Update README.md * Update README.md
1 parent b0c88d8 commit efa09fe

File tree

1 file changed

+42
-0
lines changed
  • contributions/executable-tutorial/acoli-cocco

1 file changed

+42
-0
lines changed

contributions/executable-tutorial/acoli-cocco/README.md

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,42 @@
1+
# Assignment Proposal
2+
3+
## Title
4+
5+
_Zero-Trust Data Pipelines: A Practical DevOps Security Tutorial_
6+
7+
## Names and KTH ID
8+
9+
- Coli Alessandro ([email protected])
10+
- Cocco Riccardo ([email protected])
11+
12+
## Deadline
13+
14+
- Task 3
15+
16+
## Category
17+
18+
- Executable tutorial
19+
20+
## Description
21+
22+
This interactive tutorial will provide students with some training and explanation on securing pipelines against threats. It will guide people in transforming a vulnerable deployment workflow into a secure, automated pipeline by implementing security controls that run automatically during build and deployment processes.
23+
24+
Specifically, it will have students add good practices inside their code:
25+
26+
- **Pre-commit security states**: automated integrity verification, blocking deployments when data integrity checks fail.
27+
- **Build time srotection**: cryptographic hashing and secret scanning to prevent credential exposure in pipeline artifacts.
28+
- **Deployment controls**: automated security validation and rollback mechanism, enforcing security standards before deployment
29+
- **Pipeline incident response**: continuous security validation throughout lifecycle.
30+
31+
The **intended learning outcomes** of our tutorial are:
32+
33+
- Implement automated security gates in CI/CD workflows
34+
- Configure integrity verification in pipelines
35+
- Build deployment security controls that maintain DevOps velocity
36+
- Automate security incident response within pipeline operations
37+
38+
All exercises run directly in Colab using GitHub Actions examples and pipeline configuration patterns that participants can immediately apply to their workflows.
39+
40+
**Relevance**
41+
42+
One of the most expensive and common reasons for DevOps pipeline failures is data integrity issues. The ability to have automated security controls in place becomes crucial as DevOps teams handle sensitive data across distributed systems more frequently. This tutorial bridges the gap between security theory and real-world application, giving DevOps students useful skills.

0 commit comments

Comments
 (0)