Executable tutorial Proposal

[AlessandroColi]

Assignment Proposal

Title

Zero-Trust Data Pipelines: A Practical DevOps Security Tutorial

Names and KTH ID

• Coli Alessandro ([email protected])
• Cocco Riccardo ([email protected])

Deadline

• Task 3

Category

• Executable tutorial

Description

This interactive tutorial will provide students with some training and explanation on securing pipelines against threats. It will guide people in transforming a vulnerable deployment workflow into a secure, automated pipeline by implementing security controls that run automatically during build and deployment processes.

Specifically, it will have students add good practices inside their code:

• Pre-commit security states: automated integrity verification, blocking deployments when data integrity checks fail.
• Build time srotection: cryptographic hashing and secret scanning to prevent credential exposure in pipeline artifacts.
• Deployment controls: automated security validation and rollback mechanism, enforcing security standards before deployment
• Pipeline incident response: continuous security validation throughout lifecycle.

The intended learning outcomes of our tutorial are:

• Implement automated security gates in CI/CD workflows
• Configure integrity verification in pipelines
• Build deployment security controls that maintain DevOps velocity
• Automate security incident response within pipeline operations

All exercises run directly in Colab using GitHub Actions examples and pipeline configuration patterns that participants can immediately apply to their workflows.

Relevance

One of the most expensive and common reasons for DevOps pipeline failures is data integrity issues. The ability to have automated security controls in place becomes crucial as DevOps teams handle sensitive data across distributed systems more frequently. This tutorial bridges the gap between security theory and real-world application, giving DevOps students useful skills.

[sofiabobadilla]

@AlessandroColi
The high level idea of your proposal is sound and interesting.

Yet, I would like you to share more details on what particular threats you will cover, and how you will handle them. Is it a tool that you are making yourself, or an external tool?

Please expand on what the tutorial will deliver in more detail and comment on the ILO.

[dd2482-bot]

Readme is not correctly formatted
Need exactly: ['Assignment Proposal', 'Title', 'Names and KTH ID', 'Deadline', 'Category', 'Description']

Got: ['Assignment Proposal', 'Title', 'Names and KTH ID', 'Deadline', 'Category', 'Description', 'Description']

[dd2482-bot]

Readme is not correctly formatted
Need exactly: ['Assignment Proposal', 'Title', 'Names and KTH ID', 'Deadline', 'Category', 'Description']

Got: ['Assignment Proposal', 'Title', 'Names and KTH ID', 'Deadline', 'Category', 'Description', 'Description']

[dd2482-bot]

Readme is not correctly formatted
Need exactly: ['Assignment Proposal', 'Title', 'Names and KTH ID', 'Deadline', 'Category', 'Description']

Got: ['Assignment Proposal', 'Title', 'Names and KTH ID', 'Deadline', 'Category', 'Description', 'Description']

[AlessandroColi]

@AlessandroColi The high level idea of your proposal is sound and interesting.

Yet, I would like you to share more details on what particular threats you will cover, and how you will handle them. Is it a tool that you are making yourself, or an external tool?

Please expand on what the tutorial will deliver in more detail and comment on the ILO.

Updated, is it clearer now?

[Zbj0116]

Hello! @dazhijiong and I would like to give feedback on your tutorial! Tell us when you finished first version.

[riccacocco]

@sofiabobadilla Hi :)
Is the updated proposal now clear?
Can we proceed on working on this?

[riccacocco]

Hello! @dazhijiong and I would like to give feedback on your tutorial! Tell us when you finished first version.

As soon as we get the proposal merged, we are happy to receive your feedback on our tutorial !

[sofiabobadilla]

Yes, please proceed.