-
Notifications
You must be signed in to change notification settings - Fork 428
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
45 changed files
with
1,161 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| **The pull request must both contain a README.md and have description following this template:** | ||
|
|
||
| **The README.md file must be located in the directory**: | ||
|
|
||
| `contributions/demo/week4/jkuo-vanjav/README.md` | ||
|
|
||
| # Assignment Proposal | ||
|
|
||
| ## Title | ||
|
|
||
| Feast in MLOps | ||
|
|
||
| ## Names and KTH ID | ||
|
|
||
| - Josephine Kuo [email protected] | ||
| - Vanja Vidmark [email protected] | ||
|
|
||
| ## Deadline | ||
|
|
||
| - Week 4 | ||
|
|
||
| ## Category | ||
|
|
||
| - Demo | ||
|
|
||
|
|
||
| ## Description | ||
| We will demonstrate how to use the feature store “Feast”. | ||
|
|
||
| We will showcase how to deploy a local feature store, build a training set using time series features and how to retrieve training data by getting historical data. This solves the problem of “point in time join” which is the problem of getting features that are accurate at a specific point in time. | ||
|
|
||
| **Relevance** | ||
|
|
||
| Feast is an open-source feature store designed for managing and serving machine learning features. It helps streamline the process of feature engineering and provides a centralized repository for storing and managing features used in machine learning models. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| # Assignment Proposal | ||
|
|
||
| ## Title | ||
|
|
||
| Using Comet ML to analyze and compare the performance of ML models | ||
|
|
||
| ## Names and KTH ID | ||
|
|
||
| - Lauren Llauradó ([email protected]) | ||
| - Pere Mateu Raventós ([email protected]) | ||
|
|
||
| ## Deadline | ||
|
|
||
| - Week 4 | ||
|
|
||
| ## Category | ||
|
|
||
| - Demo | ||
|
|
||
| ## Description | ||
|
|
||
| The objective of this demonstration is to show the importance of having a way to test and compare the performance of ML models for our applications. | ||
|
|
||
| To do that, we will create two simple machine learning models with a simple dataset, and see that the performance analysis is not a straightforward task, due to having many metrics and ways to analyze it, and each one having its own libraries and structure. Then, we will use Comet ML, which has all the metrics integrated in one single place. Then we will also show how it makes it easy to use them in different applications. | ||
|
|
||
| **Relevance** | ||
|
|
||
| Being able to easily analyze the performance of your models is crucial, in order to accelerate the model iterations. In addition, comparing models and being able to reproduce tests in multiple scenarios also lets you be consistent and go faster in your machine learning projects. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| # Assignment Proposal | ||
|
|
||
| ## Title | ||
|
|
||
| Check-mate: Keep your OpenTofu configurations problem-free | ||
|
|
||
| ## Names and KTH ID | ||
|
|
||
| - Anton Rådberg ([email protected]) | ||
| - Wiktor Dobrosierdow ([email protected]) | ||
|
|
||
| ## Deadline | ||
| - Week 5 | ||
|
|
||
| ## Category | ||
| - Demo | ||
|
|
||
| ## Description | ||
| This demo will demonstrate how Checkov can be used to analyze IaC configuration files to avoid misconfigurations and policy violations making it into production. The infrastructure will be built upon OpenTofu and GitHub actions will be used to run Checkov tests. | ||
|
|
||
| **Relevance** | ||
|
|
||
| Identifying and preventing security and compliance issues before deployment is important in IaC contexts even more so because of increased automation in DevOps contexts. | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| # Assignment Proposal | ||
|
|
||
| ## Title | ||
|
|
||
| Infrastructure as Code Using Ansible Playbooks | ||
|
|
||
| ## Names and KTH ID | ||
|
|
||
| - Arber Limani ([email protected]) | ||
| - Tom Sorger ([email protected]) | ||
|
|
||
| ## Deadline | ||
|
|
||
| - Week 7 | ||
|
|
||
| ## Category | ||
|
|
||
| - Demo | ||
|
|
||
| ## Description | ||
|
|
||
| In this demo, we'll demonstrate how to use `Ansible` to automate the deployment of an application. This approach is useful when setting up multiple instances of the same application for development, testing, and production. The demo will show how `Ansible playbooks` can automatically configure all instances in a consistent manner, ensuring the same setup across every environment. | ||
|
|
||
| **Relevance** | ||
|
|
||
| This demo is highly relevant to DevOps because it showcases how automation tools like Ansible can streamline the deployment process, ensuring consistency across multiple environments. By automating infrastructure and configuration management, it reduces the risk of human error and allows teams to quickly deploy and scale applications in development, testing, and production environments. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| # Assignment Proposal | ||
|
|
||
| ## Title | ||
| Terraform - Using infrastructre as code in DevOps | ||
|
|
||
| ## Names and KTH ID | ||
|
|
||
| - Student Tomi Toma ([email protected]) | ||
| - Student Emil Sjölander ([email protected]) | ||
|
|
||
| ## Deadline | ||
|
|
||
| Week 5 | ||
|
|
||
| ## Category | ||
|
|
||
| Demo | ||
|
|
||
| ## Description | ||
|
|
||
| We are going to demonstrate using Terraform for infracture as code to automate cloud infracture provisioning in aws or azure. We will show examples of how to deploy and mange aws or azure servers using terraform. We will demonstrate why terraform is efficent compared to other methods. | ||
|
|
||
| **Relevance** | ||
|
|
||
| In DevOps it is essential that deploymens are done fast, reliable and consistent, Terraform is a popular tool which is used to manage infracture as code and allows the developers to define how they want their infracture set up via a config file and then deploy it to the cloud service. This reduces manual errors and makes it easier to scale and maintain the infracture. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| # Assignment Proposal | ||
|
|
||
| ## Title | ||
|
|
||
| Using Pulumi Policy as Code to enforce rules on IaC managed cloud resources. | ||
|
|
||
| ## Names and KTH ID | ||
|
|
||
| - Johannes Matsson ([email protected]) | ||
| - Jonatan Tuvstedt ([email protected]) | ||
|
|
||
| ## Deadline | ||
|
|
||
| - Week 5 | ||
|
|
||
| ## Category | ||
|
|
||
| - Demo | ||
|
|
||
| ## Description | ||
|
|
||
| The goal of this assignment is to demonstrate Pulumi's Policy as Code solution by showing a Policy for Cloud Storage (either Google cloud storage or AWS S3) in action. For this we will have a Pulumi CrossGuard policy for cloud storage and non compliant cloud storage resource created and managed by pulumi. We will first show the non compliant cloud storage in the cloud, then demonstrate that the CrossGuard Policy does not approve it. After that we will live fix the storage before finally showing it passing the Policy as Code check and being deployed. | ||
|
|
||
| **Relevance** | ||
|
|
||
| Infrastructure as code is an important topic in devops as being able to use code instead of manually managing disparate resources through online control centers is difficult, annoying and hard to have an overview of. But it is still easy to create unsafe or bad cloud resources with IaC, and therefore having a Policy as Code checks to enforce Policy compliance allows you to further integrate your IaC into your CI/CD pipeline. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| # Assignment Proposal | ||
|
|
||
| ## Title | ||
|
|
||
| Infrastructure as code for dynamic deployments | ||
|
|
||
| ## Names and KTH ID | ||
|
|
||
| - Rikard Johansson ([email protected]) | ||
| - Mille af Rolén ([email protected]) | ||
|
|
||
| ## Deadline | ||
|
|
||
| - Week 5 | ||
|
|
||
| ## Category | ||
|
|
||
| - Scientific Paper | ||
|
|
||
| ## Description | ||
| Modern DevOps requires automation and flexibility to manage frequent infrastructure changes. Traditional Infrastructure as Code (IaC) tools are limited to static configurations, needing manual updates for dynamic behavior. Dynamic IaC (DIaC) overcomes this by enabling real-time, automatic infrastructure adjustments based on external signals. Our presentation will showcase the authors findings about DIaC in two practical cases and introduce ProTI, a testing tool for validating dynamic IaC programs. | ||
|
|
||
|
|
||
| **Relevance** | ||
|
|
||
| This paper is relevant for DevOps teams seeking better automation and scalability. DIaC offers continuous adaptation for cloud infrastructures, while ProTI ensures correctness in complex dynamic environments. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| # Assignment Proposal | ||
|
|
||
| ## Title | ||
|
|
||
| _Streamlining Python Dependency Management with Poetry_ | ||
|
|
||
| ## Names and KTH ID | ||
|
|
||
| - Carl Wang ([email protected]) | ||
| - Jakub Rybak ([email protected]) | ||
|
|
||
| ## Deadline | ||
|
|
||
| - Week 6 | ||
|
|
||
| ## Category | ||
|
|
||
| - Demo | ||
|
|
||
| ## Description | ||
|
|
||
| We will demonstrate how Poetry simplifies Python dependency management, from adding/removing dependencies to automatically updating configuration files, i.e. `pyproject.toml` and `poetry.lock`. Additionally, we will showcase more advanced features like dependency grouping, selective installation, and Poetry scripting to automate additional dependency related tasks. We'll also show how to export dependencies to `requirements.txt` for compatibility with other tools. The demo will highlight Poetry’s capabilities in dependency resolution and version constraints, paired with sample Docker deployment to showcase Poetry's seamless integration with containerization workflows. | ||
|
|
||
| **Relevance** | ||
|
|
||
| Automatic dependency management tools are widely used today, it is a crucial part of DevOps due to its efficiency in syncing environments across different machines. Tools like Maven and Gradle for Java are popular and industry standard. However, less people are aware that there are also such tools for Python, a more environment relied language. By leveraging Poetry's powerful dependency management capabilities and integrating it with containerization platforms, such as Docker, developers can ensure consistent and reproducible Python environments across development, testing, and production stages. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| # Assignment Proposal | ||
|
|
||
| ## Title | ||
|
|
||
| Ensuring the integrity and source of software packages | ||
|
|
||
| ## Names and KTH ID | ||
|
|
||
| - Martin Lindefors ([email protected]) | ||
| - Melvin Jakobsson ([email protected]) | ||
|
|
||
| ## Deadline | ||
|
|
||
| - Week 6 | ||
|
|
||
| ## Category | ||
|
|
||
| - Demo | ||
|
|
||
| ## Description | ||
|
|
||
| We intend to demonstrate how easy it can be to fall victim to attacks such as typosquatting or dependency confusion. We will do this by creating two bogus packages in `pip` & `npm` and highlight some weaknesses in those package managers. We will then show how to cryptographically verify the authenticity of packages using Sigstore & `npm audit`. Finally we will end with a note on the importance of verifying the origin of software, an often overlooked aspect of software development. | ||
|
|
||
| **Relevance** | ||
|
|
||
| Since the demo will include both package managers and software verification it is relevant for both of this weeks topics. In particular, verifying the origin of software packages is more relevant than ever because of the widespread nature of package managers and the comfortability of outsourcing code to these packages. Furthermore, there are several examples of attacks related to package managers. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| # Assignment Proposal | ||
|
|
||
| ## Title | ||
|
|
||
| _Hardening GitHub Actions for increased security_ | ||
|
|
||
| ## Names and KTH ID | ||
|
|
||
| - Sofia Edvardsson ([email protected]) | ||
| - Ludvig Christensen ([email protected]) | ||
|
|
||
| ## Deadline | ||
|
|
||
| - Week 6 | ||
|
|
||
| ## Category | ||
|
|
||
| - Demo | ||
|
|
||
| ## Description | ||
|
|
||
| We plan to demonstrate how [StepSecurity Harden-Runner](https://github.com/step-security/harden-runner) can be implemented to harden the security of GitHub Actions runners. We will showcase how to mitigate and detect different attacks, such as supply chain attacks and workflow credential exfiltration. We will also briefly compare Harden-Runner to tools with similar functionality. | ||
|
|
||
| **Relevance** | ||
|
|
||
| DevOps principles, such as CI/CD, can by themselves introduce new attack vectors. A [recent example](https://adnanthekhan.com/2024/04/15/an-obscure-actions-workflow-vulnerability-in-googles-flank/) being a security researcher finding a vulnerability in the GitHub Actions workflow in an open source Google repository, which could have resulted in a supply chain attack. Our demo will showcase mitigations and detection of such attack vectors, making it relevant to DevOps, and more specifically DevSecOps. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| # Assignment Proposal | ||
|
|
||
| ## Title | ||
|
|
||
| Using dependabot to automatically detect vulnerabilities in imported packages | ||
|
|
||
| ## Names and KTH ID | ||
|
|
||
| - Tobias Carlsson ([email protected]) | ||
| - Siham Shahoud ([email protected]) | ||
|
|
||
| ## Deadline | ||
|
|
||
| - Week 6 | ||
|
|
||
| ## Category | ||
|
|
||
| - Demo | ||
|
|
||
| ## Description | ||
|
|
||
| We want to demo dependabot, it is a tool that scans imported libraries for vulnerabilities, we want to demo how dependabot will automatically create pull requests when an imported library shows a vulnerability. This is very beneficial with keeping your applications more secure from vulnerable code that is not directly under your control. | ||
|
|
||
| **Relevance** | ||
|
|
||
| This let's organisations automatically check their applications for security vulnerabilities and therefore is a valuable tool for DevSecOps. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| # Assignment Proposal | ||
|
|
||
| ## Title | ||
|
|
||
| Comparing pnpm, npm and yarn | ||
|
|
||
| ## Names and KTH ID | ||
|
|
||
| - Yilei Cheng ([email protected]) | ||
| - Laicaiwei Wang ([email protected]) | ||
|
|
||
| ## Deadline | ||
|
|
||
| - Week 6 | ||
|
|
||
| ## Category | ||
|
|
||
| - Demo | ||
|
|
||
| ## Description | ||
|
|
||
| In this demo, we will compare three popular JavaScript package managers: npm, Yarn, and pnpm. We’ll explore their core features, performance differences, and unique capabilities. Through live demonstrations, we’ll compare installation speeds, disk space usage, and other practical aspects to help you understand which tool might best suit your development needs. By the end of the session, you’ll have a clear perspective on the strengths and trade-offs of each package manager, enabling you to make an informed choice for your projects. | ||
|
|
||
| **Relevance** | ||
|
|
||
| Comparing npm, Yarn, and pnpm is crucial for understanding how different package managers handle dependency management. Each tool offers unique features and optimizations that affect installation speed, disk usage, and dependency resolution. Knowing these differences helps you choose the best tool for efficient and effective project management. |
26 changes: 26 additions & 0 deletions
26
contributions/executable-tutorial/arberl-mateusma/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| # Assignment Proposal | ||
|
|
||
| ## Title | ||
|
|
||
| Nixpkgs and its use for reproducible environments for better local testing. | ||
|
|
||
| ## Names and KTH ID | ||
|
|
||
| - Arber Limani ([email protected]) | ||
| - Mateus Marinheiro ([email protected]) | ||
|
|
||
| ## Deadline | ||
|
|
||
| - Task 3 | ||
|
|
||
| ## Category | ||
|
|
||
| - Executable Tutorial | ||
|
|
||
| ## Description | ||
|
|
||
| We will give a brief overview of the Nixpkgs syntax as well as its benefits while teaching how to apply it to real world scenarios. We will also provide a guide on how to change your environments to test your code locally before committing it to your repo. | ||
|
|
||
| **Relevance** | ||
|
|
||
| It is very important to test your code before you submit it, even if there are CI actions in place. As a team starts to grow, different developers with different machines with different environment states. It is therefore essential to ensure that even if machines have different configurations the result of testing should be the same. |
Oops, something went wrong.