Skip to content

Tutorial submission #2914

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
sofiabobadilla merged 5 commits into from
Oct 9, 2025
Merged

Tutorial submission #2914

sofiabobadilla merged 5 commits into from
Oct 9, 2025

Conversation

@AlessandroColi
Copy link
Contributor

@AlessandroColi AlessandroColi commented Oct 8, 2025
edited
Loading

Assignment Proposal

Title

Zero-Trust Data Pipelines: A Practical DevOps Security Tutorial

Names and KTH ID

Deadline

  • Task 3

Category

  • Executable tutorial

Description

The tutorial can be found at https://colab.research.google.com/drive/1Qak_zpwuk8imhXdM1hchimNOjuk5eGtC?usp=sharing

This interactive tutorial will provide students with some training and explanation on securing pipelines against threats. It will guide people in transforming a vulnerable deployment workflow into a secure, automated pipeline by implementing security controls that run automatically during build and deployment processes.

Specifically, it will have students add good practices inside their code:

  • Pre-commit security states: automated integrity verification, blocking deployments when data integrity checks fail.
  • Build time srotection: cryptographic hashing and secret scanning to prevent credential exposure in pipeline artifacts.
  • Deployment controls: automated security validation and rollback mechanism, enforcing security standards before deployment
  • Pipeline incident response: continuous security validation throughout lifecycle.
    The intended learning outcomes of our tutorial are:
  • Implement automated security gates in CI/CD workflows
  • Configure integrity verification in pipelines
  • Build deployment security controls that maintain DevOps velocity
  • Automate security incident response within pipeline operations
    All exercises run directly in Colab using GitHub Actions examples and pipeline configuration patterns that participants can immediately apply to their workflows.
    Relevance
    One of the most expensive and common reasons for DevOps pipeline failures is data integrity issues. The ability to have automated security controls in place becomes crucial as DevOps teams handle sensitive data across distributed systems more frequently. This tutorial bridges the gap between security theory and real-world application, giving DevOps students useful skills.

@AlessandroColi
Copy link
Contributor Author

AlessandroColi commented Oct 8, 2025

We updated the tutorial after receiving the feedback a few hours ago, it's now fully completed.

ps. there's an easter egg somewhere 🙊

@AlessandroColi
Copy link
Contributor Author

AlessandroColi commented Oct 8, 2025

Submission of the executable tutorial proposed in #2882

The tutorial can be found at https://colab.research.google.com/drive/1Qak_zpwuk8imhXdM1hchimNOjuk5eGtC?usp=sharing

@sofiabobadilla
Copy link
Collaborator

sofiabobadilla commented Oct 9, 2025

We have received the submission.

The task will be graded in the upcoming weeks, and the grades will be reported on canvas.

Thank you for your work.

@sofiabobadilla sofiabobadilla self-assigned this Oct 9, 2025
@sofiabobadilla sofiabobadilla merged commit 40c8a8c into KTH:2025 Oct 9, 2025
5 of 6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@sofiabobadilla sofiabobadilla

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@AlessandroColi @sofiabobadilla