From 0c6a9b8698769f31baba09d490ae3920a355cce1 Mon Sep 17 00:00:00 2001 From: Ahmad Al Khateeb <81230101+AhmadAddee@users.noreply.github.com> Date: Wed, 10 Sep 2025 14:42:21 +0200 Subject: [PATCH 01/12] Create README.md --- .../feedback/ahmadak-student/README.md | 53 +++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 contributions/feedback/ahmadak-student/README.md diff --git a/contributions/feedback/ahmadak-student/README.md b/contributions/feedback/ahmadak-student/README.md new file mode 100644 index 0000000000..1ad70fe53a --- /dev/null +++ b/contributions/feedback/ahmadak-student/README.md @@ -0,0 +1,53 @@ +**The pull request must both contain a README.md and have description following the template below. This README.md must be the only file affected by the PR, and its contents must match the PR description exactly. The pull request must be created 3 business days before the actual delivery.** + +**The README.md file must be located in the directory**: + +`contributions//[/]-/README.md` + +# Assignment Proposal + +## Title + +_The title of your proposal_ + +## Names and KTH ID + + - Student name 1 (student123@kth.se) + - Student name 2 (student321@kth.se) + +## Deadline + +_Selected deadline for the assignment_ + +_If contribution is a **demo** or **presentation** or **scientific-paper** pick one of the following:_ +- Week 2 +- Week 3 +- Week 4 +- Week 5 +- Week 6 +- Week 7 + +_Else pick one of the following:_ +- Task 1 +- Task 2 +- Task 3 + +## Category + +_Category of your proposal_ + +_Pick one of the following:_ +- Demo +- Presentation +- Executable tutorial +- Scientific paper +- Open source +- Feedback + +## Description + +_Description of your proposal_ + +**Relevance** + +_Motivate the relevance of your proposal with respect to DevOps_ From 717b0f32c40004df921e72a5c3ad1dfd3adb92de Mon Sep 17 00:00:00 2001 From: Ahmad Al Khateeb <81230101+AhmadAddee@users.noreply.github.com> Date: Wed, 10 Sep 2025 14:49:35 +0200 Subject: [PATCH 02/12] Update README.md --- .../feedback/ahmadak-student/README.md | 24 +++---------------- 1 file changed, 3 insertions(+), 21 deletions(-) diff --git a/contributions/feedback/ahmadak-student/README.md b/contributions/feedback/ahmadak-student/README.md index 1ad70fe53a..34848ffdf8 100644 --- a/contributions/feedback/ahmadak-student/README.md +++ b/contributions/feedback/ahmadak-student/README.md @@ -1,18 +1,12 @@ -**The pull request must both contain a README.md and have description following the template below. This README.md must be the only file affected by the PR, and its contents must match the PR description exactly. The pull request must be created 3 business days before the actual delivery.** - -**The README.md file must be located in the directory**: - -`contributions//[/]-/README.md` - # Assignment Proposal ## Title -_The title of your proposal_ +Feedback on Scientific paper - Poisoning Web-Scale Training Datasets is Practical ## Names and KTH ID - - Student name 1 (student123@kth.se) + - Ahmad Al Khateeb (ahmadak@kth.se) - Student name 2 (student321@kth.se) ## Deadline @@ -34,20 +28,8 @@ _Else pick one of the following:_ ## Category -_Category of your proposal_ - -_Pick one of the following:_ -- Demo -- Presentation -- Executable tutorial -- Scientific paper -- Open source - Feedback ## Description -_Description of your proposal_ - -**Relevance** - -_Motivate the relevance of your proposal with respect to DevOps_ +Feedback for ([#2747])(https://github.com/KTH/devops-course/pull/2747) From 316e36f1dbe9794debd1b2152d1ed69bc420800a Mon Sep 17 00:00:00 2001 From: Ahmad Al Khateeb <81230101+AhmadAddee@users.noreply.github.com> Date: Wed, 10 Sep 2025 14:59:02 +0200 Subject: [PATCH 03/12] Update README.md --- contributions/feedback/ahmadak-student/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contributions/feedback/ahmadak-student/README.md b/contributions/feedback/ahmadak-student/README.md index 34848ffdf8..55d13313e6 100644 --- a/contributions/feedback/ahmadak-student/README.md +++ b/contributions/feedback/ahmadak-student/README.md @@ -32,4 +32,4 @@ _Else pick one of the following:_ ## Description -Feedback for ([#2747])(https://github.com/KTH/devops-course/pull/2747) +We would like to review the scientific paper [#2747](https://github.com/KTH/devops-course/pull/2747) and give feedback on it. From 029c31d69744e50f05050c8fccce282be41cafd3 Mon Sep 17 00:00:00 2001 From: Ahmad Al Khateeb <81230101+AhmadAddee@users.noreply.github.com> Date: Thu, 11 Sep 2025 21:23:47 +0200 Subject: [PATCH 04/12] Update README.md --- contributions/feedback/ahmadak-student/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contributions/feedback/ahmadak-student/README.md b/contributions/feedback/ahmadak-student/README.md index 55d13313e6..b4843746ee 100644 --- a/contributions/feedback/ahmadak-student/README.md +++ b/contributions/feedback/ahmadak-student/README.md @@ -7,7 +7,7 @@ Feedback on Scientific paper - Poisoning Web-Scale Training Datasets is Practica ## Names and KTH ID - Ahmad Al Khateeb (ahmadak@kth.se) - - Student name 2 (student321@kth.se) + - Edwin So (edwinso@kth.se) ## Deadline From 021653804fda8933a8f3cf6509589be0836539a5 Mon Sep 17 00:00:00 2001 From: Ahmad Al Khateeb <81230101+AhmadAddee@users.noreply.github.com> Date: Thu, 11 Sep 2025 21:31:35 +0200 Subject: [PATCH 05/12] Update and rename README.md to README.md --- .../{ahmadak-student => ahmadak-edwinso}/README.md | 13 ------------- 1 file changed, 13 deletions(-) rename contributions/feedback/{ahmadak-student => ahmadak-edwinso}/README.md (61%) diff --git a/contributions/feedback/ahmadak-student/README.md b/contributions/feedback/ahmadak-edwinso/README.md similarity index 61% rename from contributions/feedback/ahmadak-student/README.md rename to contributions/feedback/ahmadak-edwinso/README.md index b4843746ee..df7c278116 100644 --- a/contributions/feedback/ahmadak-student/README.md +++ b/contributions/feedback/ahmadak-edwinso/README.md @@ -11,19 +11,6 @@ Feedback on Scientific paper - Poisoning Web-Scale Training Datasets is Practica ## Deadline -_Selected deadline for the assignment_ - -_If contribution is a **demo** or **presentation** or **scientific-paper** pick one of the following:_ -- Week 2 -- Week 3 -- Week 4 -- Week 5 -- Week 6 -- Week 7 - -_Else pick one of the following:_ -- Task 1 -- Task 2 - Task 3 ## Category From 6cf9a0d2ed53497f22335c15377219cbdd7f97c0 Mon Sep 17 00:00:00 2001 From: Ahmad Al Khateeb <81230101+AhmadAddee@users.noreply.github.com> Date: Wed, 17 Sep 2025 14:24:50 +0200 Subject: [PATCH 06/12] Update README.md --- contributions/feedback/ahmadak-edwinso/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contributions/feedback/ahmadak-edwinso/README.md b/contributions/feedback/ahmadak-edwinso/README.md index df7c278116..b150ea695e 100644 --- a/contributions/feedback/ahmadak-edwinso/README.md +++ b/contributions/feedback/ahmadak-edwinso/README.md @@ -19,4 +19,4 @@ Feedback on Scientific paper - Poisoning Web-Scale Training Datasets is Practica ## Description -We would like to review the scientific paper [#2747](https://github.com/KTH/devops-course/pull/2747) and give feedback on it. +We have reviewed and gave feedback to [#2747](https://github.com/KTH/devops-course/pull/2747). From 388032ba0aa47de2b8d0c7b0fac966eb44ac21d9 Mon Sep 17 00:00:00 2001 From: Ahmad Al Khateeb <81230101+AhmadAddee@users.noreply.github.com> Date: Thu, 18 Sep 2025 22:12:12 +0200 Subject: [PATCH 07/12] Create README.md --- .../week6/ahmadak-gjenner/README.md | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 contributions/scientific-paper/week6/ahmadak-gjenner/README.md diff --git a/contributions/scientific-paper/week6/ahmadak-gjenner/README.md b/contributions/scientific-paper/week6/ahmadak-gjenner/README.md new file mode 100644 index 0000000000..666e7ddb93 --- /dev/null +++ b/contributions/scientific-paper/week6/ahmadak-gjenner/README.md @@ -0,0 +1,28 @@ +# Assignment Proposal + +## Title + +Securing the Software Supply Chain in DevSecOps with in-toto (USENIX Security 19) + +## Names and KTH ID + +- Ahmad Al Khateeb (ahmadak@kth.se) +- Gustav Jenner (gjenner@kth.se) + +## Deadline + +- Week 5 + +## Category + +- Scientific paper + +## Description + +We want to present the USENIX Security 2019 paper "in-toto: Providing fram-to-table guarnatees for bits and bytes." The authors present a practical framework to secure the software supply chain with signed link metadata and a supply-chain layout - highly relevant to dependency integrity and DevSecOps pipelines. + +This is the link to the [paper](https://www.usenix.org/system/files/sec19-torres-arias.pdf). + +**Relevance** + +Dependency management is now the critical control point in DevSecOps. This subject translates a peer-reviewed security design (in-toto) into concrete practices for CI/CD: signed provenance, policy-driven verification, and reducing trust in transitive dependencies - directly addressing risks highlighted by modern supply-chain incidents. From 07ce837790063756c18b254e3a2ad9b279203887 Mon Sep 17 00:00:00 2001 From: Ahmad Al Khateeb <81230101+AhmadAddee@users.noreply.github.com> Date: Fri, 19 Sep 2025 20:24:06 +0200 Subject: [PATCH 08/12] Update README.md --- contributions/scientific-paper/week6/ahmadak-gjenner/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contributions/scientific-paper/week6/ahmadak-gjenner/README.md b/contributions/scientific-paper/week6/ahmadak-gjenner/README.md index 666e7ddb93..e492b1da14 100644 --- a/contributions/scientific-paper/week6/ahmadak-gjenner/README.md +++ b/contributions/scientific-paper/week6/ahmadak-gjenner/README.md @@ -11,7 +11,7 @@ Securing the Software Supply Chain in DevSecOps with in-toto (USENIX Security 19 ## Deadline -- Week 5 +- Week 6 ## Category From 066323d85ef7f92e0323f44cf6118ca7a93cf4a6 Mon Sep 17 00:00:00 2001 From: Ahmad Al Khateeb <81230101+AhmadAddee@users.noreply.github.com> Date: Fri, 19 Sep 2025 21:16:17 +0200 Subject: [PATCH 09/12] Create README.md --- .../ahmadak-somaiya/README.md | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 contributions/executable-tutorial/ahmadak-somaiya/README.md diff --git a/contributions/executable-tutorial/ahmadak-somaiya/README.md b/contributions/executable-tutorial/ahmadak-somaiya/README.md new file mode 100644 index 0000000000..b4676f603b --- /dev/null +++ b/contributions/executable-tutorial/ahmadak-somaiya/README.md @@ -0,0 +1,29 @@ +# Assignment Proposal + +## Title + +CD in GitLab + +## Names and KTH ID + +- Somaiya Abdulrahman (somaiya@kth.se) +- Ahmad Al Khateeb (ahmadak@kth.se) + +## Deadline + +- Task 2 + +## Category + +- Executable Tutorial + +## Description + +This tutorial introduces users to the fundamentals of Continuous Integration and Continuous Delivery (CI/CD) using GitLab. Starting from a simple application, users will configure automated pipelines that build, test, and deploy code with each commit. It will cover both a basic workflow (where every commit automatically triggers deployment) and a rule-based workflow, where deployment depends on branch or environment-specific conditions. + +Following our tutorial, users will gain practical experience with the .gitlab-ci.yml configuration, setting up jobs/rules, and deploying to a containerized environment (Docker). Along the tutorial, we will reflect on the speed, safety, and automation of CD. + + +**Relevance** + +CI/CD is a key part of modern DevOps. It helps teams get quick feedback, lower the risk of failed releases, and deliver updates faster. GitLab's built-in CI/CD is popular across many industries because it makes development workflows easier to manage. In this tutorial, participants will learn how to set up and run GitLab pipelines and think about how automation affects both speed and reliability. Users will also see how CI/CD practices can be adapted to different teams and projects. From 1e558d7010818dccb545a90ac2fe9115a861c9f8 Mon Sep 17 00:00:00 2001 From: Ahmad Al Khateeb <81230101+AhmadAddee@users.noreply.github.com> Date: Fri, 19 Sep 2025 21:23:01 +0200 Subject: [PATCH 10/12] Update README.md --- contributions/executable-tutorial/ahmadak-somaiya/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contributions/executable-tutorial/ahmadak-somaiya/README.md b/contributions/executable-tutorial/ahmadak-somaiya/README.md index b4676f603b..9bf0149075 100644 --- a/contributions/executable-tutorial/ahmadak-somaiya/README.md +++ b/contributions/executable-tutorial/ahmadak-somaiya/README.md @@ -11,7 +11,7 @@ CD in GitLab ## Deadline -- Task 2 +- Task 3 ## Category From 9c413e0734874b4853681802f664783559e76c91 Mon Sep 17 00:00:00 2001 From: Ahmad Al Khateeb <81230101+AhmadAddee@users.noreply.github.com> Date: Fri, 26 Sep 2025 00:32:32 +0200 Subject: [PATCH 11/12] Update README.md --- .../ahmadak-somaiya/README.md | 27 ++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/contributions/executable-tutorial/ahmadak-somaiya/README.md b/contributions/executable-tutorial/ahmadak-somaiya/README.md index 9bf0149075..df4936df7d 100644 --- a/contributions/executable-tutorial/ahmadak-somaiya/README.md +++ b/contributions/executable-tutorial/ahmadak-somaiya/README.md @@ -19,9 +19,30 @@ CD in GitLab ## Description -This tutorial introduces users to the fundamentals of Continuous Integration and Continuous Delivery (CI/CD) using GitLab. Starting from a simple application, users will configure automated pipelines that build, test, and deploy code with each commit. It will cover both a basic workflow (where every commit automatically triggers deployment) and a rule-based workflow, where deployment depends on branch or environment-specific conditions. - -Following our tutorial, users will gain practical experience with the .gitlab-ci.yml configuration, setting up jobs/rules, and deploying to a containerized environment (Docker). Along the tutorial, we will reflect on the speed, safety, and automation of CD. +This tutorial introduces users to the fundamentals of Continuous Integration and Continuous Delivery (CI/CD) using GitLab through a progressive scenario; starting with a simple pipeline, then extending it to more advanced real-world workflows. +1. Step 1 - Basic CI/CD + * Introduce a minimal `.gitlab-ci.yml` file. + * Configure jobs to build and test a simple Dockerized application. + * Show how every commit triggers a pipeline automatically. +2. Step 2 - Branch and Environment Rules + * Add rules for staging vs. produciton deployments. + * Demonstrate conditional jobs (e.g., `only: main` for production) +3. Step 3 - Multi-Stage Delivery with Approvals + * Introduce sequential environments: build -> test -> staging -> production. + * Use manual approvals or protected branches for production releases. +4. Step 4 - Security & Quality Gates + * Add jobs for litning, unit tests, and a container vulnerability scan. + * Fail the pipeline if vulnerabilities or test errors are found. +5. Step 5 - Visualizatoin and Reflection + * Show pipeline flow using GitLab's pipeline graph. + * Discuss trade-offs: speed vs. safety, automation vs. manual control. + + + +Following our tutorial, users will: +* Understatnd how to set up `.gitlab-ci.yml` with multiple stages. +* Learn how to deploy to different environments seccurely. +* Gain hands-on practice with DevOps concepts: automation, quality gates, and safe releases. **Relevance** From 8da0c6351b1c55c30ef2941333035f037ff4ed4e Mon Sep 17 00:00:00 2001 From: Ahmad Al Khateeb <81230101+AhmadAddee@users.noreply.github.com> Date: Fri, 26 Sep 2025 01:12:00 +0200 Subject: [PATCH 12/12] Update README.md --- .../executable-tutorial/ahmadak-somaiya/README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/contributions/executable-tutorial/ahmadak-somaiya/README.md b/contributions/executable-tutorial/ahmadak-somaiya/README.md index df4936df7d..9fb70d6053 100644 --- a/contributions/executable-tutorial/ahmadak-somaiya/README.md +++ b/contributions/executable-tutorial/ahmadak-somaiya/README.md @@ -25,7 +25,7 @@ This tutorial introduces users to the fundamentals of Continuous Integration and * Configure jobs to build and test a simple Dockerized application. * Show how every commit triggers a pipeline automatically. 2. Step 2 - Branch and Environment Rules - * Add rules for staging vs. produciton deployments. + * Add rules for staging vs. production deployments. * Demonstrate conditional jobs (e.g., `only: main` for production) 3. Step 3 - Multi-Stage Delivery with Approvals * Introduce sequential environments: build -> test -> staging -> production. @@ -33,15 +33,15 @@ This tutorial introduces users to the fundamentals of Continuous Integration and 4. Step 4 - Security & Quality Gates * Add jobs for litning, unit tests, and a container vulnerability scan. * Fail the pipeline if vulnerabilities or test errors are found. -5. Step 5 - Visualizatoin and Reflection +5. Step 5 - Visualization and Reflection * Show pipeline flow using GitLab's pipeline graph. * Discuss trade-offs: speed vs. safety, automation vs. manual control. Following our tutorial, users will: -* Understatnd how to set up `.gitlab-ci.yml` with multiple stages. -* Learn how to deploy to different environments seccurely. +* Understand how to set up `.gitlab-ci.yml` with multiple stages. +* Learn how to deploy to different environments securely. * Gain hands-on practice with DevOps concepts: automation, quality gates, and safe releases.