diff --git a/.DS_Store b/.DS_Store new file mode 100644 index 0000000..dbba498 Binary files /dev/null and b/.DS_Store differ diff --git a/Gemfile b/Gemfile index d5810e3..e82b3ad 100644 --- a/Gemfile +++ b/Gemfile @@ -5,3 +5,8 @@ gem "jekyll", "~> 4.3.3" # installed by `gem jekyll` gem "just-the-docs", "0.8.1" # pinned to the current release # gem "just-the-docs" # always download the latest release + +gem "csv" +gem "base64" +gem "logger" +gem "bigdecimal" \ No newline at end of file diff --git a/Gemfile.lock b/Gemfile.lock index 8a36229..1cadd50 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -3,8 +3,11 @@ GEM specs: addressable (2.8.6) public_suffix (>= 2.0.2, < 6.0) + base64 (0.2.0) + bigdecimal (3.1.9) colorator (1.1.0) concurrent-ruby (1.2.2) + csv (3.3.3) em-websocket (0.5.3) eventmachine (>= 0.12.9) http_parser.rb (~> 0) @@ -12,6 +15,8 @@ GEM ffi (1.16.3) forwardable-extended (2.6.0) google-protobuf (3.25.1) + google-protobuf (3.25.1-arm64-darwin) + google-protobuf (3.25.1-x86_64-darwin) http_parser.rb (0.8.0) i18n (1.14.1) concurrent-ruby (~> 1.0) @@ -52,6 +57,7 @@ GEM listen (3.8.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) + logger (1.7.0) mercenary (0.4.0) pathutil (0.16.2) forwardable-extended (~> 2.6) @@ -65,6 +71,8 @@ GEM safe_yaml (1.0.5) sass-embedded (1.69.5-arm64-darwin) google-protobuf (~> 3.23) + sass-embedded (1.69.5-x64-mingw-ucrt) + google-protobuf (~> 3.23) sass-embedded (1.69.5-x86_64-darwin) google-protobuf (~> 3.23) sass-embedded (1.69.5-x86_64-linux-gnu) @@ -76,12 +84,19 @@ GEM PLATFORMS arm64-darwin-23 + arm64-darwin-24 + x64-mingw-ucrt + x86_64-darwin-22 x86_64-darwin-23 x86_64-linux DEPENDENCIES + base64 + bigdecimal + csv jekyll (~> 4.3.3) just-the-docs (= 0.8.1) + logger BUNDLED WITH 2.3.26 diff --git a/_config.yml b/_config.yml index a66183b..d2cb8a3 100644 --- a/_config.yml +++ b/_config.yml @@ -24,4 +24,8 @@ callouts: color: blue lab: title: Access The Lab - color: purple \ No newline at end of file + color: purple + +sass: + sass_dir: _sass + style: compressed diff --git a/_data/quizzes/topic2/chapter1.yml b/_data/quizzes/topic2/chapter1.yml new file mode 100644 index 0000000..2740540 --- /dev/null +++ b/_data/quizzes/topic2/chapter1.yml @@ -0,0 +1,44 @@ +questions: + - prompt: "What is the primary purpose of version control in software development?" + options: + - "It prevents unauthorized users from editing a file." + - "It allows developers to track changes, collaborate, and revert to previous versions of files if necessary." + - "It automates the process of building software from source code." + - "It helps manage user authentication systems in a project." + correct_index: 1 + explanation: "Version control allows developers to track changes, collaborate, and revert to previous versions of files if necessary. This helps maintain a history of changes and prevents conflicts when working collaboratively." + + - prompt: "What is one of the key advantages of using version control in the scenario where Armine and Tigran are working on the same project?" + options: + - "Version control allows them to share the same file without needing to merge their changes." + - "It ensures that both of their changes are automatically merged, without requiring them to review the changes." + - "It enables them to track their changes independently and merge their updates later, preventing conflicts." + - "It prevents them from making any changes to each other's files." + correct_index: 2 + explanation: "Version control enables Armine and Tigran to track their changes independently and merge their updates later, preventing conflicts. This process is essential when multiple developers are working on the same codebase." + + - prompt: "True or False: Version control systems, like GitHub, prevent all types of conflicts between developers working on the same project by automatically merging all changes." + options: + - "True" + - "False" + correct_index: 1 + explanation: "False. Version control systems help manage changes and alert developers to conflicts, but they do not automatically merge all changes. Developers must manually resolve conflicts." + + - prompt: "Which of the following is NOT true about version control systems?" + options: + - "They allow developers to view the history of changes made to files and revert to any previous state." + - "They can automatically detect and resolve any conflicts between different versions of a file." + - "They facilitate collaboration by allowing multiple developers to work on different parts of a project without interfering with each other." + - "They store different versions of files, enabling developers to work on multiple features simultaneously." + correct_index: 1 + explanation: "Version control systems help detect conflicts, but they do not automatically resolve them. Developers must review and merge conflicting changes manually." + + - prompt: "Which of the following best describes how GitHub helps in the version control process?" + options: + - "GitHub is used exclusively for backing up files and does not include version control features." + - "GitHub only serves as a cloud-based storage system for completed software projects and does not support versioning." + - "GitHub is a platform for organizing and managing tasks related to software development but does not play a role in version control." + - "GitHub integrates with version control systems to store files and track changes, while also providing a user interface for collaboration and version history." + correct_index: 3 + explanation: "GitHub is a version control platform that integrates with Git to store files, track changes, and provide collaboration features like issue tracking, pull requests, and version history." + diff --git a/_data/quizzes/topic2/chapter2.yml b/_data/quizzes/topic2/chapter2.yml new file mode 100644 index 0000000..493a92e --- /dev/null +++ b/_data/quizzes/topic2/chapter2.yml @@ -0,0 +1,41 @@ +questions: + - prompt: "In Git, all changes in your working directory are committed to the repository when you run git commit, even if they haven't been added to the staging area." + options: + - "True" + - "False" + correct_index: 1 + explanation: "False — Only changes that have been added to the staging area using git add will be included in a commit. Unstaged changes in the working directory are not committed." + + - prompt: "What happens when you run the command git checkout <branch-name>?" + options: + - "It creates a new branch called <branch-name> but doesn't switch to it." + - "It deleted the <branch-name> branch from the respository." + - "It uploads your changes to the remote repository." + - "It switches your local branch to <branch-name> and updates the working directory with that branch's files." + correct_index: 3 + explanation: "git checkout <branch-name> switches to the specified branch and updates the working directory with that branch's contents." + + - prompt: "In Git, the term _________ refers to a snapshot of your project at a specific point in time, which is stored in the repository after running git commit." + options: + - "Working Directory" + - "Staging Area" + - "Commit" + - "Branch" + correct_index: 2 + explanation: "A commit in Git represents a snapshot of your project at a specific point in time." + + - prompt: "Which of the following statements is FALSE regarding Git branches?" + options: + - "A branch in Git does not copy files but simply creates a new pointer to them." + - "You can use branches to experiment with new features without affecting the main codebase." + - "Once a branch is created, it automatically merges into the main branch after a set period." + - "A branch isolates development work, enabling concurrent tasks without conflicts." + correct_index: 2 + explanation: "A branch does NOT automatically merge into the main branch; you have to do it manually using git merge." + + - prompt: "If you delete a branch using git branch -d <branch-name>, the branch is permanently deleted from both your local and remote repositories." + options: + - "True" + - "False" + correct_index: 1 + explanation: "git branch -d only deletes the LOCAL branch. To delete a branch from the remote, you would use git push origin --delete <branch-name>." diff --git a/_includes/head_custom.html b/_includes/head_custom.html index 3a75c49..543ff78 100644 --- a/_includes/head_custom.html +++ b/_includes/head_custom.html @@ -1,5 +1,6 @@ + \ No newline at end of file diff --git a/_includes/nav_footer_custom.html b/_includes/nav_footer_custom.html index c215dc8..1e8dcc9 100644 --- a/_includes/nav_footer_custom.html +++ b/_includes/nav_footer_custom.html @@ -1,3 +1,32 @@ \ No newline at end of file + + + \ No newline at end of file diff --git a/_includes/quiz.html b/_includes/quiz.html new file mode 100644 index 0000000..552cccf --- /dev/null +++ b/_includes/quiz.html @@ -0,0 +1,29 @@ +

🧠 Knowledge Check

+

Answer the questions below to test your knowledge!

+ +
+ {% for q in include.data.questions %} +
+

Q{{ forloop.index }}: {{ q.prompt }}

+ + {% for option in q.options %} + + {% endfor %} + + +
+ {% endfor %} + + + + + +
+ + + diff --git a/_layouts/custom.html b/_layouts/custom.html index 63d4e2d..0aea4dd 100644 --- a/_layouts/custom.html +++ b/_layouts/custom.html @@ -19,6 +19,12 @@ {% include components/children_nav.html %} {% endif %} + +
+ + + +
{% include components/footer.html %} @@ -33,5 +39,61 @@ {% if site.mermaid %} {% include components/mermaid.html %} {% endif %} + + + + + + + {% include footer_custom.html %} + + + \ No newline at end of file diff --git a/_sass/custom/custom.scss b/_sass/custom/custom.scss index 1cfb8b6..88d9a8c 100644 --- a/_sass/custom/custom.scss +++ b/_sass/custom/custom.scss @@ -249,7 +249,6 @@ div.highlighter-rouge > button, div.listingblock > div.content > button, figure. padding-top: 64px; flex: 1; min-width: 300px; - background-color: #fbfbfb; border-left: 1px solid #eeebee; h2 { diff --git a/_sass/custom/dark.scss b/_sass/custom/dark.scss new file mode 100644 index 0000000..3ca510a --- /dev/null +++ b/_sass/custom/dark.scss @@ -0,0 +1,20 @@ +/* Dark Mode Colors */ +$color-scheme: dark; +$body-background-color: $grey-dk-300; +$body-heading-color: $grey-lt-000; +$body-text-color: $grey-lt-300; +$link-color: $blue-000; +$nav-child-link-color: $grey-dk-000; +$sidebar-color: $grey-dk-300; +$base-button-color: $grey-dk-250; +$btn-primary-color: $blue-200; +$code-background-color: #31343f; /* OneDarkJekyll default for syntax-one-dark-vivid */ +$code-linenumber-color: #dee2f7; /* OneDarkJekyll .nf for syntax-one-dark-vivid */ +$feedback-color: darken($sidebar-color, 3%); +$table-background-color: $grey-dk-250; +$search-background-color: $grey-dk-250; +$search-result-preview-color: $grey-dk-000; +$border-color: $grey-dk-200; + +/* Syntax highlighting for code */ +@import "./vendor/OneDarkJekyll/syntax"; /* This is the one-dark-vivid atom syntax theme */ diff --git a/_sass/custom/light.scss b/_sass/custom/light.scss new file mode 100644 index 0000000..a5f60c4 --- /dev/null +++ b/_sass/custom/light.scss @@ -0,0 +1,16 @@ +$color-scheme: light !default; +$body-background-color: $white !default; +$body-heading-color: $grey-dk-300 !default; +$body-text-color: $grey-dk-100 !default; +$link-color: $purple-000 !default; +$nav-child-link-color: $grey-dk-100 !default; +$sidebar-color: $grey-lt-000 !default; +$base-button-color: #f7f7f7 !default; +$btn-primary-color: $purple-100 !default; +$code-background-color: $grey-lt-000 !default; +$feedback-color: darken($sidebar-color, 3%) !default; +$table-background-color: $white !default; +$search-background-color: $white !default; +$search-result-preview-color: $grey-dk-000 !default; + +@import "./vendor/OneLightJekyll/syntax"; \ No newline at end of file diff --git a/_sass/custom/quiz.scss b/_sass/custom/quiz.scss new file mode 100644 index 0000000..ff34418 --- /dev/null +++ b/_sass/custom/quiz.scss @@ -0,0 +1,69 @@ +.quiz-form { + margin-top: 2rem; + padding: 1rem; + border: 2px solid #ccc; + border-radius: 10px; + background-color: #ffffff; + + .quiz-question { + margin-bottom: 1.5rem; + p { + font-weight: 600; + margin-bottom: 0.5rem; + } + + label { + display: block; + margin: 1rem; + cursor: pointer; + + input[type="radio"] { + margin-right: 0.5rem; + } + } + + .quiz-feedback { + padding: 0.5rem; + margin-top: 0.5rem; + border-radius: 0.5rem; + font-weight: bold; + + &.correct { + background-color: #d4edda; + color: #155724; + border: 1px solid #c3e6cb; + } + + &.incorrect { + background-color: #f8d7da; + color: #721c24; + border: 1px solid #f5c6cb; + } + + p#feedback-title { + margin-top: 0.5rem; + } + } + } + + button { + margin-top: 0.5rem; + padding: 0.6rem 1.2rem; + background-color: #007acc; + color: white; + border: none; + border-radius: 6px; + cursor: pointer; + + &:hover { + background-color: #005fa3; + } + + &:disabled { + background-color: #cccccc; + color: #666666; + cursor: not-allowed; + opacity: 0.7; + } + } +} \ No newline at end of file diff --git a/assets/js/quiz-reset.js b/assets/js/quiz-reset.js new file mode 100644 index 0000000..0161904 --- /dev/null +++ b/assets/js/quiz-reset.js @@ -0,0 +1,21 @@ +function resetQuiz(quizId) { + const form = document.querySelector(`.quiz-form[data-quiz-id="${quizId}"]`); + const header = document.querySelector("#quiz-title"); + header.scrollIntoView({ behavior: "smooth", block: "start" }); + + const questions = form.querySelectorAll('.quiz-question'); + + questions.forEach((questionDiv) => { + const selected = questionDiv.querySelector('input[type="radio"]:checked'); + if (selected) selected.checked = false; + + const feedback = questionDiv.querySelector('.quiz-feedback'); + feedback.innerHTML = ''; + feedback.style.display = 'none'; + feedback.classList.remove('correct', 'incorrect'); + }); + + // Enable Submit button and hide Try Again button + form.querySelector('.submit-btn').disabled = false; + form.querySelector('.try-again-btn').style.display = 'none'; +} diff --git a/assets/js/quiz.js b/assets/js/quiz.js new file mode 100644 index 0000000..386780a --- /dev/null +++ b/assets/js/quiz.js @@ -0,0 +1,83 @@ +function submitQuiz(quizId) { + const form = document.querySelector(`.quiz-form[data-quiz-id="${quizId}"]`); + const header = document.querySelector("#quiz-title"); + header.scrollIntoView({ behavior: "smooth", block: "start" }); + + const questions = form.querySelectorAll('.quiz-question'); + let allCorrect = true; + let allAnswered = true; + + questions.forEach((questionDiv, index) => { + const selected = questionDiv.querySelector('input[type="radio"]:checked'); + const feedback = questionDiv.querySelector('.quiz-feedback'); + + feedback.classList.remove('correct', 'incorrect'); + feedback.style.display = "none"; + + const correctIndex = window.quizData[quizId].questions[index].correct_index; + const explanation = window.quizData[quizId].questions[index].explanation; + + if (!selected) { + feedback.innerHTML = `

Please select an answer.

`; + allAnswered = false; + allCorrect = false; + } else if (parseInt(selected.value) === correctIndex) { + feedback.innerHTML = `

Correct! ✅

${explanation}`; + feedback.classList.add("correct"); + } else { + feedback.innerHTML = `

Incorrect ❌

${explanation}`; + feedback.classList.add("incorrect"); + allCorrect = false; + } + + feedback.style.display = "block"; + }); + + // Disable the Submit button and show Try Again button + form.querySelector('.submit-btn').disabled = true; + form.querySelector('.try-again-btn').style.display = 'inline-block'; + + if (allAnswered && allCorrect) { + triggerConfetti(); + } +} + +function triggerConfetti () { + var count = 200; + var defaults = { + origin: { y: 0.7 } + }; + + setTimeout(() => { + function fire(particleRatio, opts) { + confetti({ + ...defaults, + ...opts, + particleCount: Math.floor(count * particleRatio) + }); + } + + fire(0.25, { + spread: 26, + startVelocity: 55, + }); + fire(0.2, { + spread: 60, + }); + fire(0.35, { + spread: 100, + decay: 0.91, + scalar: 0.8 + }); + fire(0.1, { + spread: 120, + startVelocity: 25, + decay: 0.92, + scalar: 1.2 + }); + fire(0.1, { + spread: 120, + startVelocity: 45, + }); + }, 650); +} diff --git a/docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-1-SDLC/index.md b/docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-1-SDLC/index.md new file mode 100644 index 0000000..0676e56 --- /dev/null +++ b/docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-1-SDLC/index.md @@ -0,0 +1,11 @@ +--- +title: Chapter 1 - Introduction to SDLC +layout: custom +parent: Topic 1 - Introduction to SDLC and DevSecOps +has_children: false +has_toc: false +nav_order: 1 +--- + +# Chapter 1 - Introduction to SDLC +## What is the Software Development Lifecycle (SDLC)? diff --git a/docs/course/topic-1-git/chapter-1-version-control/index.md b/docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-2-version-control/index.md similarity index 96% rename from docs/course/topic-1-git/chapter-1-version-control/index.md rename to docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-2-version-control/index.md index 97e85f6..0f72ec8 100644 --- a/docs/course/topic-1-git/chapter-1-version-control/index.md +++ b/docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-2-version-control/index.md @@ -1,10 +1,10 @@ --- -title: Chapter 1 - Introduction to Version Control +title: Chapter 2 - Version Control layout: custom -parent: Topic 1 - Git +parent: Topic 1 - Introduction to SDLC and DevSecOps has_children: false has_toc: false -nav_order: 1 +nav_order: 2 --- # Chapter 1 - Introduction to Version Control diff --git a/docs/course/topic-2-DevOps/chapter-1-intro-to-devops/index.md b/docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-3-intro-to-devOps/index.md similarity index 99% rename from docs/course/topic-2-DevOps/chapter-1-intro-to-devops/index.md rename to docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-3-intro-to-devOps/index.md index 2632916..32c0965 100644 --- a/docs/course/topic-2-DevOps/chapter-1-intro-to-devops/index.md +++ b/docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-3-intro-to-devOps/index.md @@ -1,10 +1,10 @@ --- -title: Chapter 1 - Intro to DevOps +title: Chapter 3 - Intro to DevOps layout: custom -parent: Topic 2 - DevOps +parent: Topic 1 - Introduction to SDLC and DevSecOps has_children: false has_toc: false -nav_order: 1 +nav_order: 3 --- # Introduction to DevOps ## Problem Space diff --git a/docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-4-intro-to-cicd/index.md b/docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-4-intro-to-cicd/index.md new file mode 100644 index 0000000..8dd0a2d --- /dev/null +++ b/docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-4-intro-to-cicd/index.md @@ -0,0 +1,124 @@ +--- +title: Chapter 4 - Intro to CI/CD +layout: custom +parent: Topic 1 - Introduction to SDLC and DevSecOps +has_children: false +has_toc: false +nav_order: 4 +--- + +# Introduction to CI/CD +

CI/CD, short for Continuous Integration and Continuous Delivery, is a part of the DevOps process. “It is a collection of principles and practices designed to help development teams ensure the reliable delivery of frequent code changes.”

+ +
+ CI/CD Lifecycle +

Source: Mind The Product

+ +
+ +## DevOps vs. CI/CD + + + + + + + + + + + + + + + + + + + + + + + + + + +
CategoryDevOpsCICD
PurposeFacilitate collaboration and efficiency across the development lifecycle.Automate testing to ensure code compatibility.Automate deployment for seamless software releases.
Methods +
    +
  • Implement automation to streamline collaboration between development and operations teams.
    • +
  • Use infrastructure as code (IaC) to provision and manage infrastructure.
    • +
  • Integrate continuous feedback loops to gather insights from stakeholders and improve processes iteratively.
    • +
+ 		+
    +
  • Automate the build and testing process for every code change.
    • +
  • Identify integration issues early in the development lifecycle.
    • +
  • Support the principle of "fail fast" by providing rapid feedback to developers.
    • +
+ 		+
    +
  • Encompass both Continuous Integration and Continuous Deployment.
    • +
  • Automate the deployment process to production environments.
    • +
  • Enable organizations to release software updates quickly and reliably while minimizing risks.
    • +
+
Key Benefits +
    +
  • Promotes a culture of shared responsibility and accountability.
    • +
  • Emphasizes the importance of automating repetitive tasks to reduce manual errors and increase efficiency.
    • +
  • Focuses on delivering value to customers through rapid and iterative development cycles.
    • +
+ 		+
    +
  • Increases code quality by identifying issues early in the development process.
    • +
  • Speeds up the development cycle by automating build and testing processes.
    • +
  • Enables rapid feedback to developers for quick iterations.
    • +
+ 		+
    +
  • Accelerates time to market by automating deployment processes.
    • +
  • Minimizes risks associated with manual deployments.
    • +
  • Enhances overall software reliability and stability.
    • +
+
+ +### References +
+ Expand + 1. Ashtari, Hossein et al. “Key Differences between CI/CD and DevOps.” Spiceworks, www.spiceworks.com/tech/devops/articles/cicd-vs-devops/. Accessed 20 Feb. 2024.
+ 2. Ferringer, Megan. “Here’s the Difference between CI/CD and Devops-and How They Work Together to Drive Innovation.” Navisite, 2 Mar. 2023, www.navisite.com/blog/insights/ci-cd-vs-devops/.
+ 3. “What the Hell Are CI/CD and DevOps? A Cheatsheet for the Rest of Us.” Mind the Product, www.mindtheproduct.com/what-the-hell-are-ci-cd-and-devops-a-cheatsheet-for-the-rest-of-us/. Accessed 20 Feb. 2024.
+ 4. “The IDEAL & Practical CI / CD Pipeline - Concepts Overview.” YouTube, 17 Feb. 2022, www.youtube.com/watch?v=OPwU3UWCxhw.
+ 5. Morg, Brad. “How to Design a Modern CI/CD Pipeline.” YouTube, 17 Oct. 2023, www.youtube.com/watch?v=KnSBNd3b0qI.
+ 6. Morg, Brad. “How to Design a Deployment Pipeline (GitOps).” YouTube, 30 Oct. 2023, www.youtube.com/watch?v=pJ9f7w4AxtU.
+
diff --git a/docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-5-intro-to-devsecops/index.md b/docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-5-intro-to-devsecops/index.md new file mode 100644 index 0000000..7d641f7 --- /dev/null +++ b/docs/course/Topic-1-Software-Dev-and-DevSecOps/chapter-5-intro-to-devsecops/index.md @@ -0,0 +1,104 @@ +--- +title: Chapter 5 - Introduction to DevSecOps +layout: custom +parent: Topic 1 - Introduction to SDLC and DevSecOps +has_children: false +has_toc: false +nav_order: 5 +--- + + +# Chapter 5 - Introduction to DevSecOps + +## Defining DevSecOps +- Dev = Development +- Sec = Security +- Ops = Operations + +**DevSecOps is a methodology that integrates security practices within the DevOps process.** The main goal of DevSecOps is to embed security in every part of the development lifecycle, from initial design through integration, testing, deployment, and software delivery. + +Ok, now what? You just have to start integrating this into your coding practices? Actually yes, the whole reason this curriculum is applicable for every person working in IT is because it is best development practice to have a secure lifecycle throughout all of the processes IT goes through when developing a project. + +
+ DevSecOps +

Source: Red Hat

+
+ + + + +## Why Implement DevSecOps: + +**The Importance of Security in SDLC:** + +The software development lifecycle (SDLC) is a framework used to develop, deploy, and maintain software. A common problem in software development is that security related activities are deferred until the testing phase, which is late in the SDLC after most of the critical design and implementation has been completed. Missing a security related risk could be costly, set back progress, and go unnoticed causing room for further severe impact. + +**What is "Shift" Testing:** + +"Shift left" and "shift right" are terms that emphasize implementing security practices throughout the SDLC. By adopting shift left and shift right principles, teams are able to fix security flaws early on. They are meant to evaluate and ensure quality of the project by focusing on continuous testing methods. + +To **shift left** is to incorporate security testing as soon as possible to find vulnerabilities and fix defects as early as possible in development. + +To **shift right** is to monitor user behavior, usage, performance, and security metrics in the production stage to verify software operability. + +

Source: Red Hat

+ + + + +## Tools and technologies: + +
Infrastructure as code scanning +

+ +

  • DevSecOps teams use open source tools like Terraform to manage and provision infrastructure like networks, virtual machines, and load balancers through code rather than doing it manually
    • + +
  • Terraform helps ensure that infrastructure is set up and updated consistently across hundreds or thousands of servers
    • + +
  • Infrastructure as a code scanning tools automatically check the infrastructure at the code level for noncompliance with security policies and standards
    • +

    Source: Microsoft

    +

    +
    + + + +
    Dynamic and Static Application Security Testing +

    + +

  • Dynamic application security testing: This process of testing tests the methods a bad actor might use to attack an application. This testing occurs while the application is running and is based on predefined use cases.
    • + +
  • Static application security testing: Before their code compiles, DevSecOps developers begin testing their custom code for security vulnerabilities. Static application security testing tools make this process easier with automatic checks and real-time feedback, often specifying exactly where an vulnerability is
    • + +
    • +

    Source: Microsoft

    +

    +
    + + +
    Container Scanning +

    + +

  • Container: A container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another
    • + +
  • Containers are widely used in DevSecOps because they help developers easily deploy self-contained units of code
    • + +
  • Container Image: Within a container is a container image, which is a executable software bundle that runs processes for the container. These images are often built using existing images or pulled from public repositories.
    • + +

    Source 1: Docker

    +

    Source 2: Microsoft

    +

    +
    + + + + +### References + +**1.** “What is DevSecOps?” *Red Hat*, [https://www.redhat.com/en/topics/devops/what-is-devsecops](https://www.redhat.com/en/topics/devops/what-is-devsecops). Accessed 8 Apr. 2024. + +**2.** “What is DevSecOps?” *Microsoft*, [https://www.microsoft.com/en-us/security/business/security-101/what-is-devsecops](https://www.microsoft.com/en-us/security/business/security-101/what-is-devsecops). Accessed 8 Apr. 2024. + +**3.** “Use containers to Build, Share and Run your applications” *Docker*, [https://www.docker.com/resources/what-container/](https://www.docker.com/resources/what-container/). Accessed 8 Apr. 2024. + +**4.** “Shift left vs. shift right” *Red Hat*, [https://www.redhat.com/en/topics/devops/shift-left-vs-shift-right](https://www.redhat.com/en/topics/devops/shift-left-vs-shift-right). Accessed 8 Apr. 2024. + diff --git a/docs/course/Topic-1-Software-Dev-and-DevSecOps/index.md b/docs/course/Topic-1-Software-Dev-and-DevSecOps/index.md new file mode 100644 index 0000000..2bbd54b --- /dev/null +++ b/docs/course/Topic-1-Software-Dev-and-DevSecOps/index.md @@ -0,0 +1,18 @@ +--- +title: Topic 1 - Introduction to SDLC and DevSecOps +layout: custom +parent: +has_children: true +has_toc: false +nav_order: 3 +--- + +# Topic 1 - Introduction to the SDLC and DevSecOps + +| Chapter | Learning Objectives | Lab Description | +|---------|---------------------|-----------------| +| Chapter 1: Introduction to SDLC | - Define Software Development Lifecycle
    - Understand the basics of SDLC methodologies
    - Explore the benefits of using different methodologies
    | | +| Chapter 2: Intro to Version Control | - Define version control
    - Understand the basics of version control systems
    - Explore the benefits of using version control
    - Introduction to common version control tools| | +| Chapter 3: Introduction to DevOps | - Define DevOps
    | +| Chapter 4: Introduction to CI/CD | - Establish effective documentation habits
    - Discuss the importance of READMEs and wikis
    - Explore best practices for inline code commenting | +| Chapter 4: Securing SDLC with DevSecOps | - Define DevSecOps
    | | \ No newline at end of file diff --git a/docs/course/Topic-1-Software-Dev-and-DevSecOps/review-and-knowledge-check/index.md b/docs/course/Topic-1-Software-Dev-and-DevSecOps/review-and-knowledge-check/index.md new file mode 100644 index 0000000..7ba6a92 --- /dev/null +++ b/docs/course/Topic-1-Software-Dev-and-DevSecOps/review-and-knowledge-check/index.md @@ -0,0 +1,9 @@ +--- +title: Topic Review and Knowledge Check +layout: custom +parent: Topic 1 - Introduction to SDLC and DevSecOps +has_toc: false +nav_order: 6 +--- + +# Topic Review and Knowledge Check \ No newline at end of file diff --git a/docs/course/Topic-2-Git/chapter-1-version-control/index.md b/docs/course/Topic-2-Git/chapter-1-version-control/index.md new file mode 100644 index 0000000..cb9489c --- /dev/null +++ b/docs/course/Topic-2-Git/chapter-1-version-control/index.md @@ -0,0 +1,48 @@ +--- +title: Chapter 1 - Version Control +layout: custom +parent: Topic 2 - Git +has_children: false +has_toc: false +nav_order: 1 +topic: topic2 +chapter: chapter1 +--- + +# Chapter 1 - Introduction to Version Control +## What is version control? +Version control is **a system that records changes to a file or set of files over time** so that you can recall specific versions later. It's a critical tool in modern software development, allowing developers to work collaboratively, track every modification, and revert to previous states if necessary. + +> **Example Scenario** +> +> Armine and Tigran are part of a software development team tasked with creating a new mobile application. Armine is tasked with refining the user authentication system, while Tigran is implementing an innovative feature that allows users to share media within the app. +> +> **Without Version Control**: If Armine and Tigran are editing the same file, Tigran's latest upload could accidentally overwrite the changes Armine made, resulting in a loss of progress and potential conflicts in the code. +> +> **With Version Control**: Armine and Tigran can work on their updates concurrently without the risk of interfering with each other's contributions. Here's how it unfolds: +> +> - Independently, they make their changes and commit their updates to the version control system, each creating a new version in the repository. +> +> - The version control system alerts them to the presence of new, separate updates, signaling that a merge of changes is necessary. +> +> - Together, they examine the differences, carefully integrate their respective code changes, and commit the unified version to the repository. +> +> - Should an issue arise with the authentication update, Armine can revert her portion of the code to a previous state without disrupting Tigran's feature, thanks to the version history maintained by the system. + +A common tool for version control is GitHub. GitHub allows you acts as a central hub for all of the different versions of your code, kind of how in google docs you can see the history of your changes. Though there are many different systems for version control, we will be learning using GitHubs features. The syntax and user interface of different products are different, but the core elements are the same. + +--- + +{% include quiz.html + id="topic2-chapter1" + data=site.data.quizzes.topic2.chapter1 +%} + + +### References +
    + Expand + 1. Atlassian. “What Is Version Control: Atlassian Git Tutorial.” Atlassian, www.atlassian.com/git/tutorials/what-is-version-control. Accessed 15 Apr. 2024.
    + 2. “1.1 Getting Started - about Version Control.” Git, git-scm.com/book/en/v2/Getting-Started-About-Version-Control. Accessed 15 Apr. 2024.
    + 3. “What Is Version Control?” GitLab, GitLab, 4 Apr. 2023, about.gitlab.com/topics/version-control/.
    +
    \ No newline at end of file diff --git a/docs/course/topic-1-git/chapter-2-understanding-git/Git.jpg b/docs/course/Topic-2-Git/chapter-2-understanding-git/Git.jpg similarity index 100% rename from docs/course/topic-1-git/chapter-2-understanding-git/Git.jpg rename to docs/course/Topic-2-Git/chapter-2-understanding-git/Git.jpg diff --git a/docs/course/topic-1-git/chapter-2-understanding-git/index.md b/docs/course/Topic-2-Git/chapter-2-understanding-git/index.md similarity index 97% rename from docs/course/topic-1-git/chapter-2-understanding-git/index.md rename to docs/course/Topic-2-Git/chapter-2-understanding-git/index.md index bac5343..6dbbc81 100644 --- a/docs/course/topic-1-git/chapter-2-understanding-git/index.md +++ b/docs/course/Topic-2-Git/chapter-2-understanding-git/index.md @@ -1,10 +1,12 @@ --- title: Chapter 2 - Git Fundamentals layout: custom -parent: Topic 1 - Git +parent: Topic 2 - Git has_toc: false has_children: false nav_order: 2 +topic: topic2 +chapter: chapter2 --- # Git Fundamentals @@ -78,6 +80,12 @@ Creating a branch in Git is a fast and simple operation because it doesn't copy By using branches, you can manage the development of new features, fixes, and updates in a structured and organized manner, allowing for a smoother and more controlled workflow. +--- + +{% include quiz.html + id="topic2-chapter2" + data=site.data.quizzes.topic2.chapter2 +%} ### References
    diff --git a/docs/course/topic-1-git/chapter-2-understanding-git/lab/csd-lab-1.md b/docs/course/Topic-2-Git/chapter-2-understanding-git/lab/csd-lab-1.md similarity index 100% rename from docs/course/topic-1-git/chapter-2-understanding-git/lab/csd-lab-1.md rename to docs/course/Topic-2-Git/chapter-2-understanding-git/lab/csd-lab-1.md diff --git a/docs/course/topic-1-git/chapter-3-Intermediate-Concepts/index.md b/docs/course/Topic-2-Git/chapter-3-Intermediate-Concepts/index.md similarity index 99% rename from docs/course/topic-1-git/chapter-3-Intermediate-Concepts/index.md rename to docs/course/Topic-2-Git/chapter-3-Intermediate-Concepts/index.md index 1929e27..dccd1bd 100644 --- a/docs/course/topic-1-git/chapter-3-Intermediate-Concepts/index.md +++ b/docs/course/Topic-2-Git/chapter-3-Intermediate-Concepts/index.md @@ -1,7 +1,7 @@ --- title: Chapter 3 - Git Intermediate Concepts layout: custom -parent: Topic 1 - Git +parent: Topic 2 - Git has_children: true has_toc: false nav_order: 3 diff --git a/docs/course/topic-1-git/chapter-3-Intermediate-Concepts/lab/git-lab-1.md b/docs/course/Topic-2-Git/chapter-3-Intermediate-Concepts/lab/git-lab-1.md similarity index 98% rename from docs/course/topic-1-git/chapter-3-Intermediate-Concepts/lab/git-lab-1.md rename to docs/course/Topic-2-Git/chapter-3-Intermediate-Concepts/lab/git-lab-1.md index b30f237..b20615c 100644 --- a/docs/course/topic-1-git/chapter-3-Intermediate-Concepts/lab/git-lab-1.md +++ b/docs/course/Topic-2-Git/chapter-3-Intermediate-Concepts/lab/git-lab-1.md @@ -1,7 +1,7 @@ --- layout: custom title: Lab 1. Version Control and Branching -grand_parent: Topic 1 - Git +grand_parent: Topic 2 - Git parent: Chapter 3 - Git Intermediate Concepts nav_order: 1 --- diff --git a/docs/course/topic-1-git/chapter-4-git-best-practices/index.md b/docs/course/Topic-2-Git/chapter-4-git-best-practices/index.md similarity index 99% rename from docs/course/topic-1-git/chapter-4-git-best-practices/index.md rename to docs/course/Topic-2-Git/chapter-4-git-best-practices/index.md index a505e2e..2001747 100644 --- a/docs/course/topic-1-git/chapter-4-git-best-practices/index.md +++ b/docs/course/Topic-2-Git/chapter-4-git-best-practices/index.md @@ -1,7 +1,7 @@ --- title: Chapter 4 - Git Best Practices layout: custom -parent: Topic 1 - Git +parent: Topic 2 - Git has_toc: false nav_order: 4 --- diff --git a/docs/course/Topic-2-Git/chapter-5-advanced-git-techniques/index.md b/docs/course/Topic-2-Git/chapter-5-advanced-git-techniques/index.md new file mode 100644 index 0000000..123b55f --- /dev/null +++ b/docs/course/Topic-2-Git/chapter-5-advanced-git-techniques/index.md @@ -0,0 +1,9 @@ +--- +title: Chapter 6 - Advanced Git Techniques +layout: custom +parent: Topic 2 - Git +has_toc: false +nav_order: 5 +--- + +# Chapter 6 - Advanced Git Techniques \ No newline at end of file diff --git a/docs/course/topic-1-git/index.md b/docs/course/Topic-2-Git/index.md similarity index 95% rename from docs/course/topic-1-git/index.md rename to docs/course/Topic-2-Git/index.md index f0867a1..51ac42e 100644 --- a/docs/course/topic-1-git/index.md +++ b/docs/course/Topic-2-Git/index.md @@ -1,12 +1,12 @@ --- -title: Topic 1 - Git +title: Topic 2 - Git layout: custom has_children: true has_toc: false -nav_order: 3 +nav_order: 4 --- -# Topic 1 - Git +# Topic 2 - Git | Chapter | Learning Objectives | Lab Description | |---------|---------------------|-----------------| diff --git a/docs/course/Topic-2-Git/review-and-knowledge-check/index.md b/docs/course/Topic-2-Git/review-and-knowledge-check/index.md new file mode 100644 index 0000000..69dd512 --- /dev/null +++ b/docs/course/Topic-2-Git/review-and-knowledge-check/index.md @@ -0,0 +1,9 @@ +--- +title: Topic Review and Knowledge Check +layout: custom +parent: Topic 2 - Git +has_toc: false +nav_order: 6 +--- + +# Topic Review and Knowledge Check \ No newline at end of file diff --git a/docs/course/topic-2-DevOps/chapter-2-intro-to-ci-cd/index.md b/docs/course/Topic-3-CICD-Concepts/chapter-1-cicd-core-concepts/index.md similarity index 98% rename from docs/course/topic-2-DevOps/chapter-2-intro-to-ci-cd/index.md rename to docs/course/Topic-3-CICD-Concepts/chapter-1-cicd-core-concepts/index.md index dd063e7..3dc7f71 100644 --- a/docs/course/topic-2-DevOps/chapter-2-intro-to-ci-cd/index.md +++ b/docs/course/Topic-3-CICD-Concepts/chapter-1-cicd-core-concepts/index.md @@ -1,13 +1,13 @@ --- -title: Chapter 2 - Intro to CI/CD +title: Chapter 1 - CI/CD Fundamentals layout: custom -parent: Topic 2 - DevOps +parent: Topic 3 - CI/CD Fundamentals has_children: false has_toc: false nav_order: 2 --- -# Introduction to CI/CD +# CI/CD Fundamentals

    CI/CD, short for Continuous Integration and Continuous Delivery, is a part of the DevOps process. “It is a collection of principles and practices designed to help development teams ensure the reliable delivery of frequent code changes.”

    diff --git a/docs/course/topic-2-DevOps/chapter-4-webhooks/index.md b/docs/course/Topic-3-CICD-Concepts/chapter-2-webhooks/index.md similarity index 97% rename from docs/course/topic-2-DevOps/chapter-4-webhooks/index.md rename to docs/course/Topic-3-CICD-Concepts/chapter-2-webhooks/index.md index 877ec53..32c0b09 100644 --- a/docs/course/topic-2-DevOps/chapter-4-webhooks/index.md +++ b/docs/course/Topic-3-CICD-Concepts/chapter-2-webhooks/index.md @@ -1,9 +1,9 @@ --- -title: Chapter 4 - Webhooks +title: Chapter 2 - Webhooks layout: custom -parent: Topic 2 - DevOps +parent: Topic 3 - CI/CD Fundamentals has_toc: false -nav_order: 4 +nav_order: 2 --- ## Utilizing Web Hooks for Continuous Integration diff --git a/docs/course/topic-2-DevOps/chapter-5-automation/index.md b/docs/course/Topic-3-CICD-Concepts/chapter-3-automated-testing/index.md similarity index 98% rename from docs/course/topic-2-DevOps/chapter-5-automation/index.md rename to docs/course/Topic-3-CICD-Concepts/chapter-3-automated-testing/index.md index 0979ccd..e22dc38 100644 --- a/docs/course/topic-2-DevOps/chapter-5-automation/index.md +++ b/docs/course/Topic-3-CICD-Concepts/chapter-3-automated-testing/index.md @@ -1,10 +1,10 @@ --- -title: Chapter 5 - Automated Tests +title: Chapter 2 - Automated Tests layout: custom -parent: Topic 2 - DevOps +parent: Topic 3 - CI/CD Fundamentals has_children: false has_toc: false -nav_order: 5 +nav_order: 3 --- # Automated Testing in CI/CD diff --git a/docs/course/topic-2-DevOps/chapter-6-deployment/index.md b/docs/course/Topic-3-CICD-Concepts/chapter-4-deployment/index.md similarity index 99% rename from docs/course/topic-2-DevOps/chapter-6-deployment/index.md rename to docs/course/Topic-3-CICD-Concepts/chapter-4-deployment/index.md index ce4878a..f0bb9f9 100644 --- a/docs/course/topic-2-DevOps/chapter-6-deployment/index.md +++ b/docs/course/Topic-3-CICD-Concepts/chapter-4-deployment/index.md @@ -1,10 +1,10 @@ --- -title: Chapter 6 - Deployment +title: Chapter 4 - Deployment layout: custom -parent: Topic 2 - DevOps +parent: Topic 3 - CI/CD Fundamentals has_toc: false has_children: true -nav_order: 6 +nav_order: 4 --- # Introduction to Deployment diff --git a/docs/course/topic-2-DevOps/chapter-6-deployment/lab/deployment-lab-1.md b/docs/course/Topic-3-CICD-Concepts/chapter-4-deployment/lab/deployment-lab-1.md similarity index 99% rename from docs/course/topic-2-DevOps/chapter-6-deployment/lab/deployment-lab-1.md rename to docs/course/Topic-3-CICD-Concepts/chapter-4-deployment/lab/deployment-lab-1.md index 5eda465..bacea92 100644 --- a/docs/course/topic-2-DevOps/chapter-6-deployment/lab/deployment-lab-1.md +++ b/docs/course/Topic-3-CICD-Concepts/chapter-4-deployment/lab/deployment-lab-1.md @@ -1,8 +1,8 @@ --- title: Lab 1. Configuring a Simple CI/CD Pipeline layout: custom -grand_parent: Topic 2 - DevOps -parent: Chapter 6 - Deployment +grand_parent: Topic 3 - CI/CD Fundamentals +parent: Chapter 4 - Deployment nav_order: 2 --- **Estimated Time to Complete:** 60 minutes diff --git a/docs/course/topic-2-DevOps/chapter-6-deployment/lab/imgs/jenkins-login.png b/docs/course/Topic-3-CICD-Concepts/chapter-4-deployment/lab/imgs/jenkins-login.png similarity index 100% rename from docs/course/topic-2-DevOps/chapter-6-deployment/lab/imgs/jenkins-login.png rename to docs/course/Topic-3-CICD-Concepts/chapter-4-deployment/lab/imgs/jenkins-login.png diff --git a/docs/course/topic-2-DevOps/chapter-3-containerization/lab/imgs/wireguard.png b/docs/course/Topic-3-CICD-Concepts/chapter-4-deployment/lab/imgs/wireguard.png similarity index 100% rename from docs/course/topic-2-DevOps/chapter-3-containerization/lab/imgs/wireguard.png rename to docs/course/Topic-3-CICD-Concepts/chapter-4-deployment/lab/imgs/wireguard.png diff --git a/docs/course/topic-2-DevOps/chapter-6-deployment/lab/overview.md b/docs/course/Topic-3-CICD-Concepts/chapter-4-deployment/lab/overview.md similarity index 96% rename from docs/course/topic-2-DevOps/chapter-6-deployment/lab/overview.md rename to docs/course/Topic-3-CICD-Concepts/chapter-4-deployment/lab/overview.md index d2fb8e6..65f011e 100644 --- a/docs/course/topic-2-DevOps/chapter-6-deployment/lab/overview.md +++ b/docs/course/Topic-3-CICD-Concepts/chapter-4-deployment/lab/overview.md @@ -1,8 +1,8 @@ --- title: Labs Overview layout: custom -grand_parent: Topic 2 - DevOps -parent: Chapter 6 - Deployment +grand_parent: Topic 3 - CI/CD Fundamentals +parent: Chapter 4 - Deployment nav_order: 1 --- diff --git a/docs/course/topic-2-DevOps/chapter-3-containerization/index.md b/docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/index.md similarity index 99% rename from docs/course/topic-2-DevOps/chapter-3-containerization/index.md rename to docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/index.md index ffcd8ee..7b56cf1 100644 --- a/docs/course/topic-2-DevOps/chapter-3-containerization/index.md +++ b/docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/index.md @@ -1,10 +1,10 @@ --- -title: Chapter 3 - Containerization +title: Chapter 5 - Containerization layout: custom -parent: Topic 2 - DevOps +parent: Topic 3 - CI/CD Fundamentals has_children: true has_toc: false -nav_order: 3 +nav_order: 5 --- ## Definition of Containerization diff --git a/docs/course/topic-2-DevOps/chapter-3-containerization/lab/containerization-lab-1.md b/docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/containerization-lab-1.md similarity index 99% rename from docs/course/topic-2-DevOps/chapter-3-containerization/lab/containerization-lab-1.md rename to docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/containerization-lab-1.md index 1662012..d84c734 100644 --- a/docs/course/topic-2-DevOps/chapter-3-containerization/lab/containerization-lab-1.md +++ b/docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/containerization-lab-1.md @@ -1,8 +1,8 @@ --- layout: custom title: Lab 1. Containerizing a React Application -grand_parent: Topic 2 - DevOps -parent: Chapter 3 - Containerization +grand_parent: Topic 3 - CI/CD Fundamentals +parent: Chapter 5 - Containerization nav_order: 2 --- # Lab 1 - Containerizing a React Application diff --git a/docs/course/topic-2-DevOps/chapter-3-containerization/lab/containerization-lab-2.md b/docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/containerization-lab-2.md similarity index 98% rename from docs/course/topic-2-DevOps/chapter-3-containerization/lab/containerization-lab-2.md rename to docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/containerization-lab-2.md index cf059df..7771157 100644 --- a/docs/course/topic-2-DevOps/chapter-3-containerization/lab/containerization-lab-2.md +++ b/docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/containerization-lab-2.md @@ -1,8 +1,8 @@ --- layout: custom title: Lab 2. Accessing Corporate Network and AWS ECR -grand_parent: Topic 2 - DevOps -parent: Chapter 3 - Containerization +grand_parent: Topic 3 - CI/CD Fundamentals +parent: Chapter 5 - Containerization nav_order: 3 --- # Lab 2 - Accessing Corporate Network and AWS ECR diff --git a/docs/course/topic-2-DevOps/chapter-3-containerization/lab/imgs/clone.png b/docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/imgs/clone.png similarity index 100% rename from docs/course/topic-2-DevOps/chapter-3-containerization/lab/imgs/clone.png rename to docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/imgs/clone.png diff --git a/docs/course/topic-2-DevOps/chapter-3-containerization/lab/imgs/dashboard.png b/docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/imgs/dashboard.png similarity index 100% rename from docs/course/topic-2-DevOps/chapter-3-containerization/lab/imgs/dashboard.png rename to docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/imgs/dashboard.png diff --git a/docs/course/topic-2-DevOps/chapter-3-containerization/lab/imgs/fork.png b/docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/imgs/fork.png similarity index 100% rename from docs/course/topic-2-DevOps/chapter-3-containerization/lab/imgs/fork.png rename to docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/imgs/fork.png diff --git a/docs/course/topic-2-DevOps/chapter-6-deployment/lab/imgs/wireguard.png b/docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/imgs/wireguard.png similarity index 100% rename from docs/course/topic-2-DevOps/chapter-6-deployment/lab/imgs/wireguard.png rename to docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/imgs/wireguard.png diff --git a/docs/course/topic-2-DevOps/chapter-3-containerization/lab/overview.md b/docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/overview.md similarity index 96% rename from docs/course/topic-2-DevOps/chapter-3-containerization/lab/overview.md rename to docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/overview.md index 8598680..f0cb904 100644 --- a/docs/course/topic-2-DevOps/chapter-3-containerization/lab/overview.md +++ b/docs/course/Topic-3-CICD-Concepts/chapter-5-containerization/lab/overview.md @@ -1,8 +1,8 @@ --- title: Labs Overview layout: custom -grand_parent: Topic 2 - DevOps -parent: Chapter 3 - Containerization +grand_parent: Topic 3 - CI/CD Fundamentals +parent: Chapter 5 - Containerization nav_order: 1 --- diff --git a/docs/course/Topic-3-CICD-Concepts/index.md b/docs/course/Topic-3-CICD-Concepts/index.md new file mode 100644 index 0000000..07ffe84 --- /dev/null +++ b/docs/course/Topic-3-CICD-Concepts/index.md @@ -0,0 +1,13 @@ +--- +title: Topic 3 - CI/CD Fundamentals +layout: custom +has_children: true +has_toc: false +nav_order: 5 +--- + +# Topic 3 - CI/CD Fundamentals + +| Chapter | Learning Objectives | Lab Description | +|---------|---------------------|-----------------| + diff --git a/docs/course/Topic-3-CICD-Concepts/review-and-knowledge-check/index.md b/docs/course/Topic-3-CICD-Concepts/review-and-knowledge-check/index.md new file mode 100644 index 0000000..6801c83 --- /dev/null +++ b/docs/course/Topic-3-CICD-Concepts/review-and-knowledge-check/index.md @@ -0,0 +1,9 @@ +--- +title: Topic Review and Knowledge Check +layout: custom +parent: Topic 3 - CI/CD Fundamentals +has_toc: false +nav_order: 5 +--- + +# Topic Review and Knowledge Check \ No newline at end of file diff --git a/docs/course/topic-3-devsecops/chapter-1-devsecops/index.md b/docs/course/Topic-4-Devsecops-Fundmentals/chapter-1-devsecops/index.md similarity index 99% rename from docs/course/topic-3-devsecops/chapter-1-devsecops/index.md rename to docs/course/Topic-4-Devsecops-Fundmentals/chapter-1-devsecops/index.md index ccea82b..1499ad3 100644 --- a/docs/course/topic-3-devsecops/chapter-1-devsecops/index.md +++ b/docs/course/Topic-4-Devsecops-Fundmentals/chapter-1-devsecops/index.md @@ -1,7 +1,7 @@ --- title: Chapter 1 - DevSecOps layout: custom -parent: Topic 3 - DevSecOps +parent: Topic 4 - DevSecOps Fundamentals has_toc: false nav_order: 1 --- diff --git a/docs/course/topic-3-devsecops/chapter-1-devsecops/labs/devsecops-lab-1.md b/docs/course/Topic-4-Devsecops-Fundmentals/chapter-1-devsecops/labs/devsecops-lab-1.md similarity index 100% rename from docs/course/topic-3-devsecops/chapter-1-devsecops/labs/devsecops-lab-1.md rename to docs/course/Topic-4-Devsecops-Fundmentals/chapter-1-devsecops/labs/devsecops-lab-1.md diff --git a/docs/course/topic-3-devsecops/chapter-2-security-checks-in-CICD/index.md b/docs/course/Topic-4-Devsecops-Fundmentals/chapter-2-security-checks-in-CICD/index.md similarity index 99% rename from docs/course/topic-3-devsecops/chapter-2-security-checks-in-CICD/index.md rename to docs/course/Topic-4-Devsecops-Fundmentals/chapter-2-security-checks-in-CICD/index.md index cf2ce22..318e6ff 100644 --- a/docs/course/topic-3-devsecops/chapter-2-security-checks-in-CICD/index.md +++ b/docs/course/Topic-4-Devsecops-Fundmentals/chapter-2-security-checks-in-CICD/index.md @@ -1,7 +1,7 @@ --- title: Chapter 2 - Security Checks in CI/CD layout: custom -parent: Topic 3 - DevSecOps +parent: Topic 4 - DevSecOps Fundamentals has_children: true has_toc: false nav_order: 2 diff --git a/docs/course/topic-3-devsecops/chapter-2-security-checks-in-CICD/lab/devsecops-lab-1.md b/docs/course/Topic-4-Devsecops-Fundmentals/chapter-2-security-checks-in-CICD/lab/devsecops-lab-1.md similarity index 100% rename from docs/course/topic-3-devsecops/chapter-2-security-checks-in-CICD/lab/devsecops-lab-1.md rename to docs/course/Topic-4-Devsecops-Fundmentals/chapter-2-security-checks-in-CICD/lab/devsecops-lab-1.md diff --git a/docs/course/topic-3-devsecops/chapter-2-security-checks-in-CICD/lab/overview.md b/docs/course/Topic-4-Devsecops-Fundmentals/chapter-2-security-checks-in-CICD/lab/overview.md similarity index 100% rename from docs/course/topic-3-devsecops/chapter-2-security-checks-in-CICD/lab/overview.md rename to docs/course/Topic-4-Devsecops-Fundmentals/chapter-2-security-checks-in-CICD/lab/overview.md diff --git a/docs/course/topic-3-devsecops/index.md b/docs/course/Topic-4-Devsecops-Fundmentals/index.md similarity index 90% rename from docs/course/topic-3-devsecops/index.md rename to docs/course/Topic-4-Devsecops-Fundmentals/index.md index 91dad1d..db60ffc 100644 --- a/docs/course/topic-3-devsecops/index.md +++ b/docs/course/Topic-4-Devsecops-Fundmentals/index.md @@ -1,12 +1,12 @@ --- -title: Topic 3 - DevSecOps +title: Topic 4 - DevSecOps Fundamentals layout: custom has_children: true has_toc: false nav_order: 5 --- -# Topic 3 - DevSecOps +# Topic 4 - DevSecOps Fundamentals | Chapter | Learning Objectives | Lab Description | |---------|---------------------|-----------------| diff --git a/docs/course/Topic-5-Cloud/chapter-1-Intro-to-Cloud/index.md b/docs/course/Topic-5-Cloud/chapter-1-Intro-to-Cloud/index.md new file mode 100644 index 0000000..3866906 --- /dev/null +++ b/docs/course/Topic-5-Cloud/chapter-1-Intro-to-Cloud/index.md @@ -0,0 +1,112 @@ +--- +title: Chapter 1 - Intro to Cloud +layout: custom +parent: Topic 5 - Cloud +has_toc: false +nav_order: 1 +--- +# Introduction to Cloud + +The cloud has become the foundation upon which DevSecOps practices are built. From scalable infrastructure to rapid deployment capabilities, understanding the cloud is key to implementing secure, efficient pipelines. + +--- + +## What is Cloud Computing? + +Imagine needing a powerful computer to test your code, store large amounts of data, or run an app for millions of users. Instead of buying expensive hardware, you rent what you need—on demand, from someone else’s infrastructure. That, in essence, is cloud computing. + +Cloud computing provides on-demand access to computing resources—like servers, storage, and networking—delivered over the internet. Instead of managing physical hardware, teams can scale up or down their computing needs quickly and cost-effectively. + +> **NIST Definition**: "Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources." + +--- + +## Key Benefits + +- **Scalability**: Adjust resources based on demand +- **Cost efficiency**: Pay only for what you use +- **Speed**: Rapid provisioning of infrastructure +- **Accessibility**: Work from anywhere + +--- + +## Example Scenario + +Ani is building a web app that lets users upload and edit videos. She needs a way to store large video files, process them quickly, and make the app available globally. Instead of setting up servers herself, Ani uses Amazon Web Services (AWS) to host her application, run processing jobs, and store videos in the cloud. The cloud lets her focus on building features—not managing hardware. + +--- + +## Cloud Service Models + +Cloud services fall into three main categories. Think of them as layers of abstraction that handle more and more of the infrastructure for you: + +### 1. IaaS – Infrastructure as a Service +You rent virtual machines, storage, and networking. You manage the OS and software. +**Examples**: AWS EC2, Microsoft Azure Virtual Machines + +### 2. PaaS – Platform as a Service +You build apps on top of a managed platform. The provider handles the OS, runtime, and infrastructure. +**Examples**: Heroku, Google App Engine + +### 3. SaaS – Software as a Service +You use the software over the internet without worrying about how it runs. +**Examples**: Google Workspace, GitHub + +![Cloud Service Models](../../../../images/introtocloudcapstone.png) + + +--- + +## Cloud Deployment Models + +Different organizations use the cloud in different ways depending on their needs, size, and security posture. + +- **Public Cloud** + Services offered over the internet and shared across organizations. + *Examples*: AWS, Azure, GCP + *Use Case*: Startups, scalable applications + +- **Private Cloud** + Cloud environment dedicated to a single organization. + *Use Case*: Healthcare, financial institutions + +- **Hybrid Cloud** + Mix of public and private clouds. + *Use Case*: Enterprises with legacy systems + +- **Multi-Cloud** + Using services from multiple cloud providers. + *Use Case*: Large enterprises avoiding vendor lock-in + +--- + +## Cloud Security Fundamentals + +Security in the cloud is a shared responsibility between the cloud provider and the customer. + +### Shared Responsibility Model + +- **Provider**: Security *of* the cloud (hardware, infrastructure, etc.) +- **Customer**: Security *in* the cloud (data, apps, IAM) + +### Key Concepts + +- **IAM (Identity & Access Management)**: Control who can access what, and what actions they can take +- **Encryption**: Protect data in transit and at rest +- **Logging & Monitoring**: Track system activity for threats and auditing + +--- + +## Summary + +Cloud computing is the backbone of modern DevSecOps. It allows teams to innovate quickly, deploy securely, and scale easily. From choosing the right service model to understanding your security responsibilities, cloud knowledge is essential for any DevSecOps practitioner. + +--- + +## Resources + +- [Google Cloud Security Overview](https://cloud.google.com/blog/topics/developers-practitioners/google-cloud-security-overview) +- [AWS Shared Responsibility Model](https://aws.amazon.com/compliance/shared-responsibility-model/) +- [Azure Cloud Adoption Framework](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/) +- [NIST SP 800-145](https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf) +- [IBM – What is Cloud Computing](https://www.ibm.com/think/topics/cloud-computing) diff --git a/docs/course/Topic-5-Cloud/chapter-2-cloud-in-devsecops/index.md b/docs/course/Topic-5-Cloud/chapter-2-cloud-in-devsecops/index.md new file mode 100644 index 0000000..5aa9f42 --- /dev/null +++ b/docs/course/Topic-5-Cloud/chapter-2-cloud-in-devsecops/index.md @@ -0,0 +1,7 @@ +--- +title: Chapter 2 - Cloud in DevSecOps +layout: custom +parent: Topic 5 - Cloud +has_toc: false +nav_order: 2 +--- \ No newline at end of file diff --git a/docs/course/Topic-5-Cloud/index.md b/docs/course/Topic-5-Cloud/index.md new file mode 100644 index 0000000..3e922b2 --- /dev/null +++ b/docs/course/Topic-5-Cloud/index.md @@ -0,0 +1,15 @@ +--- +title: Topic 5 - Cloud +layout: custom +has_children: true +has_toc: false +nav_order: 6 +--- + +# Topic 5 - Cloud + +| Chapter | Learning Objectives | Lab Description | +|---------|---------------------|-----------------| +| Chapter 1: Intro to Cloud | + + diff --git a/docs/course/Topic-6-DevSecOps-in-Industry/chapter-1-use-of-devsecops-in-industry/index.md b/docs/course/Topic-6-DevSecOps-in-Industry/chapter-1-use-of-devsecops-in-industry/index.md new file mode 100644 index 0000000..9de3268 --- /dev/null +++ b/docs/course/Topic-6-DevSecOps-in-Industry/chapter-1-use-of-devsecops-in-industry/index.md @@ -0,0 +1,7 @@ +--- +title: Chapter 1 - Use of DevSecOps in Industry +layout: custom +parent: Topic 6 - DevSecOps in Industry +has_toc: false +nav_order: 1 +--- \ No newline at end of file diff --git a/docs/course/Topic-6-DevSecOps-in-Industry/index.md b/docs/course/Topic-6-DevSecOps-in-Industry/index.md new file mode 100644 index 0000000..a66435c --- /dev/null +++ b/docs/course/Topic-6-DevSecOps-in-Industry/index.md @@ -0,0 +1,13 @@ +--- +title: Topic 6 - DevSecOps in Industry +layout: custom +has_children: true +has_toc: false +nav_order: 7 +--- +# Topic 6 - DevSecOps in Industry + +| Chapter | Learning Objectives | Lab Description | +|---------|---------------------|-----------------| +| Chapter 1: Use of DevSecOps in Industry | + diff --git a/docs/course/index.md b/docs/course/index.md index 85f5e33..9af2ebc 100644 --- a/docs/course/index.md +++ b/docs/course/index.md @@ -9,7 +9,7 @@ nav_order: 1 - + diff --git a/docs/course/topic-2-DevOps/index.md b/docs/course/topic-2-DevOps/index.md deleted file mode 100644 index f740141..0000000 --- a/docs/course/topic-2-DevOps/index.md +++ /dev/null @@ -1,19 +0,0 @@ ---- -title: Topic 2 - DevOps -layout: custom -has_children: true -has_toc: false -nav_order: 4 ---- - -# Topic 2 - Development & Operations (DevOps) - -| Chapter | Learning Objectives | Lab Description | -|---------|---------------------|-----------------| -| Chapter 1: Intro to DevOps | - Define DevOps and explore its challenges and benefits
    - Discuss roles in Development and Operations and the DevOps lifecycle | | -| Chapter 2: Intro to CI/CD | - Explain CI/CD within the DevOps framework
    - Discuss CI/CD lifecycle, benefits, and methods | | -| Chapter 3: Containerization | - Define containerization and its advantages in cloud computing
    - Explore Kubernetes and microservices architectures
    - Learn about container application consistency | **Lab 1: Containerizing a React Application**
    - Create and run a Docker image of a React application
    - Interact with a running Docker container
    **Lab 2: Accessing Corporate Network and AWS ECR**
    - Establish a VPN and use AWS IAM credentials to authenticate and push Docker images to AWS ECR | -| Chapter 4: Webhooks | - Discuss the role and setup of webhooks in CI/CD automation
    - Explore webhook triggers and their applications | | -| Chapter 5: Automated Tests | - Outline the role of automated testing in CI/CD
    - Discuss strategies and integration into the pipeline | | -| Chapter 6: Deployment | - Define deployment environments and strategies
    - Explore deployment challenges in large-scale environments | **Lab: Configuring a Simple Jenkins Pipeline**
    - Automate a Dockerized application deployment using Jenkins
    - Create and configure a Jenkins pipeline with webhooks | - diff --git a/docs/other/index.md b/docs/other/index.md index a4d252b..94d86af 100644 --- a/docs/other/index.md +++ b/docs/other/index.md @@ -3,5 +3,5 @@ title: Other Documents layout: custom has_children: true has_toc: false -nav_order: 6 +nav_order: 8 --- \ No newline at end of file diff --git a/images/introtocloudcapstone.png b/images/introtocloudcapstone.png new file mode 100644 index 0000000..b6bd764 Binary files /dev/null and b/images/introtocloudcapstone.png differ diff --git a/index.md b/index.md index bbd553d..b42a6aa 100644 --- a/index.md +++ b/index.md @@ -4,9 +4,6 @@ layout: custom nav_order: 0 --- # DevSecOps Curriculum 💻 ->> Made by 2024 University of Washington Informatics Capstone Team Info Innovators - ->> Sponsored by Boeing Welcome to our open-source DevSecOps curriculum! @@ -37,10 +34,3 @@ To understand the skills gap that new graduates face, refer to our [User Researc ## Contributing to the Curriculum 🤝 Contributions are welcome! Help us keep the curriculum relevant and effective by updating content, adding new exercises, or providing feedback. - -### Connect with the Creators 🔗 -- [Sirena Akopyan](https://www.linkedin.com/in/sirena-akopyan/) -- [Bhavya Garlapati](https://www.linkedin.com/in/bhavya-garlapati-95ab46225/) -- [Eric Kim](https://www.linkedin.com/in/taehyunnkim/) -- [Mari Woodworth](https://www.linkedin.com/in/marikowoodworth/) -- [Brandon Mendoza](https://www.linkedin.com/in/bwmendo/)
    Topic Chapter and Title Interactive Lab