diff --git a/contributions/README.md b/contributions/README.md index c8b49a4193..ac31bfa5c4 100644 --- a/contributions/README.md +++ b/contributions/README.md @@ -46,8 +46,6 @@ General Intro about the course. ### Week 4 1. [_CRISP-ML(Q). The End-to-End Machine Learning Workflow_](https://github.com/KTH/devops-course/pull/2417) -1. [The importance of reliable testing methods](https://github.com/KTH/devops-course/pull/2398) -1. [Using Bicep to edit Azure resources as code](https://github.com/KTH/devops-course/pull/2398) 1. [Tensorboard: A suite of visualization tools to understand, debug, and optimize TensorFlow programs for ML experimentation](https://github.com/KTH/devops-course/pull/2442) 1. [Dynamic model rollbacks using MLflow](https://github.com/KTH/devops-course/pull/2452) 1. [CodeRabbit: Automated AI Code Reviews](https://github.com/KTH/devops-course/pull/2460) @@ -61,4 +59,5 @@ General Intro about the course. 1. [Using Comet ML to analyze and compare the performance of ML models](https://github.com/KTH/devops-course/pull/2485) 1. [MLOps for Cyber-Physical Production Systems: Challenges and Solutions](https://github.com/KTH/devops-course/pull/2486) 1. [Quality Assurance in MLOps Setting: An Industrial Perspective](https://github.com/KTH/devops-course/pull/2479) +1. [The importance of reliable testing methods](https://github.com/KTH/devops-course/pull/2397) diff --git a/contributions/demo/week5/aleliu-jakstrom b/contributions/demo/week5/aleliu-jakstrom new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/contributions/demo/week5/aleliu-jakstrom @@ -0,0 +1 @@ + diff --git a/contributions/demo/week5/aradberg-wiktord/README.md b/contributions/demo/week5/aradberg-wiktord/README.md new file mode 100644 index 0000000000..274623293c --- /dev/null +++ b/contributions/demo/week5/aradberg-wiktord/README.md @@ -0,0 +1,24 @@ +# Assignment Proposal + +## Title + +Check-mate: Keep your OpenTofu configurations problem-free + +## Names and KTH ID + + - Anton Rådberg (aradberg@kth.se) + - Wiktor Dobrosierdow (wiktord@kth.se) + +## Deadline +- Week 5 + +## Category +- Demo + +## Description +This demo will demonstrate how Checkov can be used to analyze IaC configuration files to avoid misconfigurations and policy violations making it into production. The infrastructure will be built upon OpenTofu and GitHub actions will be used to run Checkov tests. + +**Relevance** + +Identifying and preventing security and compliance issues before deployment is important in IaC contexts even more so because of increased automation in DevOps contexts. + diff --git a/contributions/demo/week5/arberl-sorger/README.md b/contributions/demo/week5/arberl-sorger/README.md new file mode 100644 index 0000000000..55b8d4406b --- /dev/null +++ b/contributions/demo/week5/arberl-sorger/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Infrastructure as Code Using Ansible Playbooks + +## Names and KTH ID + +- Arber Limani (arberl@kth.se) +- Tom Sorger (sorger@kth.se) + +## Deadline + +- Week 7 + +## Category + +- Demo + +## Description + +In this demo, we'll demonstrate how to use `Ansible` to automate the deployment of an application. This approach is useful when setting up multiple instances of the same application for development, testing, and production. The demo will show how `Ansible playbooks` can automatically configure all instances in a consistent manner, ensuring the same setup across every environment. + +**Relevance** + +This demo is highly relevant to DevOps because it showcases how automation tools like Ansible can streamline the deployment process, ensuring consistency across multiple environments. By automating infrastructure and configuration management, it reduces the risk of human error and allows teams to quickly deploy and scale applications in development, testing, and production environments. diff --git a/contributions/demo/week5/jmatsso-jtuv/README.md b/contributions/demo/week5/jmatsso-jtuv/README.md new file mode 100644 index 0000000000..d64224fa19 --- /dev/null +++ b/contributions/demo/week5/jmatsso-jtuv/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Using Pulumi Policy as Code to enforce rules on IaC managed cloud resources. + +## Names and KTH ID + + - Johannes Matsson (jmatsso@kth.se) + - Jonatan Tuvstedt (jtuv@kth.se) + +## Deadline + +- Week 5 + +## Category + +- Demo + +## Description + +The goal of this assignment is to demonstrate Pulumi's Policy as Code solution by showing a Policy for Cloud Storage (either Google cloud storage or AWS S3) in action. For this we will have a Pulumi CrossGuard policy for cloud storage and non compliant cloud storage resource created and managed by pulumi. We will first show the non compliant cloud storage in the cloud, then demonstrate that the CrossGuard Policy does not approve it. After that we will live fix the storage before finally showing it passing the Policy as Code check and being deployed. + +**Relevance** + +Infrastructure as code is an important topic in devops as being able to use code instead of manually managing disparate resources through online control centers is difficult, annoying and hard to have an overview of. But it is still easy to create unsafe or bad cloud resources with IaC, and therefore having a Policy as Code checks to enforce Policy compliance allows you to further integrate your IaC into your CI/CD pipeline. \ No newline at end of file diff --git a/contributions/demo/week6/carlwang-jrybak/README.md b/contributions/demo/week6/carlwang-jrybak/README.md new file mode 100644 index 0000000000..eeb3ed22ab --- /dev/null +++ b/contributions/demo/week6/carlwang-jrybak/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +_Streamlining Python Dependency Management with Poetry_ + +## Names and KTH ID + +- Carl Wang (carlwang@kth.se) +- Jakub Rybak (jrybak@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Demo + +## Description + +We will demonstrate how Poetry simplifies Python dependency management, from adding/removing dependencies to automatically updating configuration files, i.e. `pyproject.toml` and `poetry.lock`. Additionally, we will showcase more advanced features like dependency grouping, selective installation, and Poetry scripting to automate additional dependency related tasks. We'll also show how to export dependencies to `requirements.txt` for compatibility with other tools. The demo will highlight Poetry’s capabilities in dependency resolution and version constraints, paired with sample Docker deployment to showcase Poetry's seamless integration with containerization workflows. + +**Relevance** + +Automatic dependency management tools are widely used today, it is a crucial part of DevOps due to its efficiency in syncing environments across different machines. Tools like Maven and Gradle for Java are popular and industry standard. However, less people are aware that there are also such tools for Python, a more environment relied language. By leveraging Poetry's powerful dependency management capabilities and integrating it with containerization platforms, such as Docker, developers can ensure consistent and reproducible Python environments across development, testing, and production stages. diff --git a/contributions/demo/week6/melvinj-lindefor/README.md b/contributions/demo/week6/melvinj-lindefor/README.md new file mode 100644 index 0000000000..94e1c2f0fa --- /dev/null +++ b/contributions/demo/week6/melvinj-lindefor/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Ensuring the integrity and source of software packages + +## Names and KTH ID + +- Martin Lindefors (lindefor@kth.se) +- Melvin Jakobsson (melvinj@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Demo + +## Description + +We intend to demonstrate how easy it can be to fall victim to attacks such as typosquatting or dependency confusion. We will do this by creating two bogus packages in `pip` & `npm` and highlight some weaknesses in those package managers. We will then show how to cryptographically verify the authenticity of packages using Sigstore & `npm audit`. Finally we will end with a note on the importance of verifying the origin of software, an often overlooked aspect of software development. + +**Relevance** + +Since the demo will include both package managers and software verification it is relevant for both of this weeks topics. In particular, verifying the origin of software packages is more relevant than ever because of the widespread nature of package managers and the comfortability of outsourcing code to these packages. Furthermore, there are several examples of attacks related to package managers. \ No newline at end of file diff --git a/contributions/demo/week6/sofiaedv-ludvigch/README.md b/contributions/demo/week6/sofiaedv-ludvigch/README.md new file mode 100644 index 0000000000..18c505dcb7 --- /dev/null +++ b/contributions/demo/week6/sofiaedv-ludvigch/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +_Hardening GitHub Actions for increased security_ + +## Names and KTH ID + + - Sofia Edvardsson (sofiaedv@kth.se) + - Ludvig Christensen (ludvigch@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Demo + +## Description + +We plan to demonstrate how [StepSecurity Harden-Runner](https://github.com/step-security/harden-runner) can be implemented to harden the security of GitHub Actions runners. We will showcase how to mitigate and detect different attacks, such as supply chain attacks and workflow credential exfiltration. We will also briefly compare Harden-Runner to tools with similar functionality. + +**Relevance** + +DevOps principles, such as CI/CD, can by themselves introduce new attack vectors. A [recent example](https://adnanthekhan.com/2024/04/15/an-obscure-actions-workflow-vulnerability-in-googles-flank/) being a security researcher finding a vulnerability in the GitHub Actions workflow in an open source Google repository, which could have resulted in a supply chain attack. Our demo will showcase mitigations and detection of such attack vectors, making it relevant to DevOps, and more specifically DevSecOps. diff --git a/contributions/demo/week6/yilei-lawang/README.md b/contributions/demo/week6/yilei-lawang/README.md new file mode 100644 index 0000000000..809725d044 --- /dev/null +++ b/contributions/demo/week6/yilei-lawang/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Comparing pnpm, npm and yarn + +## Names and KTH ID + +- Yilei Cheng (yilei@kth.se) +- Laicaiwei Wang (lawang@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Demo + +## Description + +In this demo, we will compare three popular JavaScript package managers: npm, Yarn, and pnpm. We’ll explore their core features, performance differences, and unique capabilities. Through live demonstrations, we’ll compare installation speeds, disk space usage, and other practical aspects to help you understand which tool might best suit your development needs. By the end of the session, you’ll have a clear perspective on the strengths and trade-offs of each package manager, enabling you to make an informed choice for your projects. + +**Relevance** + +Comparing npm, Yarn, and pnpm is crucial for understanding how different package managers handle dependency management. Each tool offers unique features and optimizations that affect installation speed, disk usage, and dependency resolution. Knowing these differences helps you choose the best tool for efficient and effective project management. diff --git a/contributions/executable-tutorial/arberl-mateusma/README.md b/contributions/executable-tutorial/arberl-mateusma/README.md new file mode 100644 index 0000000000..ecd8820d60 --- /dev/null +++ b/contributions/executable-tutorial/arberl-mateusma/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Nixpkgs and its use for reproducible environments for better local testing. + +## Names and KTH ID + +- Arber Limani (arberl@kth.se) +- Mateus Marinheiro (mateusma@kth.se) + +## Deadline + +- Task 3 + +## Category + +- Executable Tutorial + +## Description + +We will give a brief overview of the Nixpkgs syntax as well as its benefits while teaching how to apply it to real world scenarios. We will also provide a guide on how to change your environments to test your code locally before committing it to your repo. + +**Relevance** + +It is very important to test your code before you submit it, even if there are CI actions in place. As a team starts to grow, different developers with different machines with different environment states. It is therefore essential to ensure that even if machines have different configurations the result of testing should be the same. diff --git a/contributions/executable-tutorial/peremr-inigoaa/README.md b/contributions/executable-tutorial/peremr-inigoaa/README.md new file mode 100644 index 0000000000..af9fa301ca --- /dev/null +++ b/contributions/executable-tutorial/peremr-inigoaa/README.md @@ -0,0 +1,34 @@ +# Assignment Proposal + +## Title + +Managing project dependencies with Devbox + +## Names and KTH ID + + - Íñigo Aréjula Aísa (inigoaa@kth.se) + - Pere Mateu Raventós (peremr@kth.se) + +## Deadline + +- Task 2 + +## Category + +- executable-tutorial + +## Description + +Devbox is a command-line tool that lets you easily create isolated shells for development. You start by defining the list of packages required for your project, and Devbox creates an isolated, reproducible environment with those packages installed. We will create a tutorial that explains how to use Devbox to manage project dependencies. The tutorial will cover the following topics: +- Why devbox is useful +- How to install dependencies with devbox +- How to create scripts in devbox +- How to replicate the same environment in your CI/CD pipeline with GH Actions + +**Relevance** + +Devbox is relevant to DevOps as it simplifies creating reproducible development environments, ensuring consistency across local, testing, and production setups. This aligns with DevOps principles, improving collaboration, automation, and the reliability of CI/CD pipelines. + +**Links to our tutorial** +Killercoda [https://killercoda.com/arejula27/scenario/devbox-tutorial](https://killercoda.com/arejula27/scenario/devbox-tutorial) +Github repository [https://github.com/arejula27/devbox-tutorial](https://github.com/arejula27/devbox-tutorial) diff --git a/contributions/executable-tutorial/smhanna-anouiser/README.md b/contributions/executable-tutorial/smhanna-anouiser/README.md new file mode 100644 index 0000000000..e7b3485993 --- /dev/null +++ b/contributions/executable-tutorial/smhanna-anouiser/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Multibranch pipelines with ArgoCD + +## Names and KTH ID + + - Sam Maltin (smhanna@kth.se) + - Amin Nouiser (anouiser@kth.se) + +## Deadline + +- Task 1 + +## Category + +- Executable tutorial + +## Description + +The tutorial will demonstrate how to set up and manage a multibranch pipeline for Kubernetes clusters using ArgoCD. We'll guide readers through creating a development branch for testing a web application and a production branch for stable releases. ArgoCD will be integrated with Git to automate the deployment process, ensuring that each commit triggers an update. + +**Relevance** + +As automation is a core principle of DevOps, this tutorial is highly relevant to good DevOps practices. \ No newline at end of file diff --git a/contributions/feedback/atheers-miladsf/README.md b/contributions/feedback/atheers-miladsf/README.md index ae9701eb46..3fe7cd80f3 100644 --- a/contributions/feedback/atheers-miladsf/README.md +++ b/contributions/feedback/atheers-miladsf/README.md @@ -20,3 +20,5 @@ Feedback on Scientific Paper [TinyMLOps: Operational Challenges for Widespread E ## Description We want to provide a feedback for the scientfic paper presentation [TinyMLOps: Operational Challenges for Widespread Edge AI Adoption](https://github.com/KTH/devops-course/pull/2478) + +We have add the feedback as comment on the original PR [here](https://github.com/KTH/devops-course/pull/2478#issuecomment-2353081693) and we have also added the feedback in **feedback.md** diff --git a/contributions/feedback/atheers-miladsf/feedback.md b/contributions/feedback/atheers-miladsf/feedback.md new file mode 100644 index 0000000000..21647334db --- /dev/null +++ b/contributions/feedback/atheers-miladsf/feedback.md @@ -0,0 +1,58 @@ +# Feedback + +By Atheer Salim, Milad Farahani + +Number of Words: 608 +## Code of Conduct + +**I/We certify that generative AI, incl. ChatGPT, has not been used to write this feedback. Using generative AI without permission is considered academic misconduct.** + +## High Level Overview + +### Strengths +- The presentation covers critical issues about TinyMLOps that are highly relevant in the current day and age. +- The structure was well-thought-out, with coverage of relevant aspects of TinyMLOps. +- Good introduction with an engaging aspect of humor. +- Inclusion of technical part regarding TinyMLOps. +- There is a good emphasis on practical implications which offers insight into real-world applications. +- Excellent speech and tone. +- Great illustrations +- Good Take-Home Message + + +### Weaknesses +- Wrong date on the intro slides. +- The slides contain the name and slide number to the bottom right which is not accurate with the current slide. +- Clearly distinguish the content included in the paper you are presenting from content taken from other papers. +- Talk a bit more about the related papers in terms of their achievement. + +## Additional Material + +The paper [Implementing MLOps on Edge-Cloud Systems: A New Paradigm for Training at the Edge](https://uwspace.uwaterloo.ca/items/bc1f43a4-96dd-44d6-946f-b5cd19660647) proposes a MLOps architecture used to orchestrate edge-cloud model training and synchronization. The model has been tested on IoT devices, this material could be relevant to look at + +The presentation briefly mentioned Federated Learning. A deeper overview of Federated Learning as opposed to Centralized Training could be valuable. One of the many sources providing good insight regarding Federated Learning is Google’s work. They clearly describe how Federated Learning could serve as a reference for understanding how updates can be managed across distributed devices. Here is one of the many sources: [Federated Learning: Collaborative Machine Learning without Centralized Training Data](https://research.google/blog/federated-learning-collaborative-machine-learning-without-centralized-training-data/) + +## More Detailed Feedback + +### General +The tone and the speech of the presenters were very good. But just like in machine learning, more training would result in an even better speech :) + +The way the presenters covered the need to address challenges in edge AI deployment was done in a good way, making it understandable for the listener. + +The technical part was explained in a manner that was coherent for the listener and not overwhelming. There were also readable code snippets included which extended the technical details even further. + +### Introduction +In the first few slides of your presentation, it contains the date “21 September 2024” which does not align with the date of week 4 presentation time. Which should be “18 September 2024” + +The touch of humor was very refreshing and multiple jokes were funny. Especially the AI standing for "Apple Intelligence" joke. Another entertaining visual was the hand pinching “TinyMLOps” indicating that it is “tiny”. + +### Fragmented landscape Slide +When discussing ONNX it would be nice if you could show an example of the exported format that would make it easier to understand and clearly show the benefits it has. + +When you mention Rune, it should be clearly highlighted that this was not presented in the paper you are presenting and that it comes from another paper. Furthermore, the citation for the paper (presenting Rune) is not visible since the text color matches the background, making it hard to see. + +### Protecting Models Intellectual Property Slide +Could you elaborate further on what exactly “local access” means when you are talking about direct stealing, does this mean physical access, root access, or what exactly? + +### Take Home Message Slide +In the end, it was evident that the take-home message was well-thought-out. It was broad enough for it to cover TinyMLOps but also specific enough to encapsulate the purpose of the paper and its findings. diff --git a/contributions/feedback/campione-sorger/README.md b/contributions/feedback/campione-sorger/README.md new file mode 100644 index 0000000000..7f1ff01f6f --- /dev/null +++ b/contributions/feedback/campione-sorger/README.md @@ -0,0 +1,22 @@ +# Assignment Proposal + +## Title + +Feedback on "nixpgs for reproducible environments" + +## Names and KTH ID + +- Marco Campione (campione@kth.se) +- Tom Sorger (sorger@kth.se) + +## Deadline + +- Task 3 + +## Category + +- Feedback + +## Description + +We would like to give feedback for [this executable tutorial](https://github.com/KTH/devops-course/pull/2455). diff --git a/contributions/feedback/dgaspar-mateusma/README.md b/contributions/feedback/dgaspar-mateusma/README.md new file mode 100644 index 0000000000..1bd715ab90 --- /dev/null +++ b/contributions/feedback/dgaspar-mateusma/README.md @@ -0,0 +1,22 @@ +# Assignment Proposal + +## Title + +Feedback on scientific paper *Microservices: Architecting for Continuous Delivery and DevOps*. + +## Names and KTH ID + + - Diogo Gaspar (dgaspar@kth.se) + - Mateus Marinheiro (mateusma@kth.se) + +## Deadline + +- Task 1 + +## Category + +- Feedback + +## Description + +Submitted feedback to [this scientific paper's presentation](https://github.com/KTH/devops-course/pull/2399). diff --git a/contributions/feedback/diogogm-tmbpe/README.md b/contributions/feedback/diogogm-tmbpe/README.md new file mode 100644 index 0000000000..e0f0356854 --- /dev/null +++ b/contributions/feedback/diogogm-tmbpe/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Feedback on Presentation [Tensorboard: A suite of visualization tools to understand, debug, and optimize TensorFlow programs for ML experimentation](https://github.com/KTH/devops-course/pull/2442) + +## Names and KTH ID + + - Diogo Melita (diogogm@kth.se) + - Tomás Esteves (tmbpe@kth.se) + +## Deadline +- Task 3 + +## Category +- Feedback + +## Description +We want to provide feedback to Mateus and Marco's presentation on [Tensorboard: A suite of visualization tools to understand, debug, and optimize TensorFlow programs for ML experimentation](https://github.com/KTH/devops-course/pull/2442) + +We have submitted the [feedback here](https://github.com/KTH/devops-course/pull/2442#issuecomment-2357898306). + +**Relevance** + +Allow the presenters to receive some feedback before the presentation. + diff --git a/contributions/feedback/hexu-peiyang/README.md b/contributions/feedback/hexu-peiyang/README.md new file mode 100644 index 0000000000..c7570a57d9 --- /dev/null +++ b/contributions/feedback/hexu-peiyang/README.md @@ -0,0 +1,24 @@ +# Assignment Proposal + +## Title + +Feedback on Scientific Paper [MLOps for Cyber-Physical Production Systems: Challenges and Solutions](https://github.com/KTH/devops-course/pull/2486) + +## Names and KTH ID + + - Hexu Li (hexu@kth.se) + - Peiyang Zheng (peiyang@kth.se) + +## Deadline + +- Task 1 + +## Category + +- Feedback + +## Description + +We provide a feedback for the scientfic paper presentation [MLOps for Cyber-Physical Production Systems: Challenges and Solutions](https://github.com/KTH/devops-course/pull/2486) + +The feedback is posted as a comment [here](https://github.com/KTH/devops-course/pull/2486#issuecomment-2356898018) diff --git a/contributions/feedback/ieinberg/README.md b/contributions/feedback/ieinberg/README.md new file mode 100644 index 0000000000..7c92d7123c --- /dev/null +++ b/contributions/feedback/ieinberg/README.md @@ -0,0 +1,20 @@ +# Assignment Proposal + +## Title + +Feedback for the presentation "Comparing the differential mechanisms of declarative Terraform and imperative AWS infrastructure as code". +## Names and KTH ID + +- Isak Einberg (ieinberg@kth.se) + +## Deadline + +Task 2 + +## Category + +- Feedback + +## Description + +Feedback for [#2387](https://github.com/KTH/devops-course/pull/2387) by hallkvi@kth.se and lindefor@kth.se. \ No newline at end of file diff --git a/contributions/feedback/inigoaa-lllr/README.md b/contributions/feedback/inigoaa-lllr/README.md new file mode 100644 index 0000000000..b8d1014204 --- /dev/null +++ b/contributions/feedback/inigoaa-lllr/README.md @@ -0,0 +1,24 @@ +# Assignment Proposal + +## Title + +Feedback for Executable Tutorial: Security Linting in Python using Bandit. + +## Names and KTH ID + + - Iñigo Aréjula Aísa (inigoaa@kth.se) + - Lauren Llauradó (lllr@kth.se) + +## Deadline + +- Task 1 + +## Category + +- Feedback + +## Description + +We will provide feedback on the executable tutorial "Security Linting in Python using Bandit" + +Link: https://github.com/KTH/devops-course/pull/2453 diff --git a/contributions/feedback/jtuv-jmaragna/README.md b/contributions/feedback/jtuv-jmaragna/README.md new file mode 100644 index 0000000000..d25e08eafb --- /dev/null +++ b/contributions/feedback/jtuv-jmaragna/README.md @@ -0,0 +1,23 @@ +# Assignment Proposal + +## Title + +Feedback for Executable Tutorial [Managing project dependencies with Devbox](https://github.com/KTH/devops-course/pull/2470) + +## Names and KTH ID + + - Jonatan Tuvstedt (jtuv@kth.se) + - Jack Maragna (jmaragna@kth.se) + +## Deadline + +- Task 2 + +## Category + +- Feedback + +## Description + +We will provide feedback to the Executable Tutorial [Managing project dependencies with Devbox](https://github.com/KTH/devops-course/pull/2470) made by Íñigo Aréjula Aísa and +Pere Mateu Raventós on Devbox. diff --git a/contributions/feedback/noelt-samkh/README.md b/contributions/feedback/noelt-samkh/README.md new file mode 100644 index 0000000000..6a3a5270d9 --- /dev/null +++ b/contributions/feedback/noelt-samkh/README.md @@ -0,0 +1,21 @@ +# Assignment Proposal + +## Title + +Feedback on Scientific Paper Quality Assurance in MLOps Setting: An Industrial Perspective + +## Names and KTH ID + + - Noel Tesfalidet (noelt@kth.se) + - Sam Khosravi (samkh@kth.se) + +## Deadline +- Task 1 + +## Category +- Feedback + +## Description +We want to give Atheer & Milad some feedback on their presentation on the paper Quality Assurance in MLOps Setting: An Industrial Perspective + +The feedback is posted as a comment [in this PR](https://github.com/KTH/devops-course/pull/2479) diff --git a/contributions/feedback/streuli-mqnguyen/README.md b/contributions/feedback/streuli-mqnguyen/README.md new file mode 100644 index 0000000000..db165c8c98 --- /dev/null +++ b/contributions/feedback/streuli-mqnguyen/README.md @@ -0,0 +1,22 @@ +# Assignment Proposal + +## Title + +Feedback on Executable Tutorial: Continuous delivery to GitHub container registry and containerization + +## Names and KTH ID + + - David Streuli (streuli@kth.se) + - Quang Minh Nguyen (mqnguyen@kth.se) + +## Deadline + +Task 1 + +## Category + +- Feedback + +## Description + +We would like to submit feedback for [#2423](https://github.com/KTH/devops-course/pull/2423) \ No newline at end of file diff --git a/contributions/open-source/inigoaa-jmaragna/README.md b/contributions/open-source/inigoaa-jmaragna/README.md new file mode 100644 index 0000000000..e43c408e78 --- /dev/null +++ b/contributions/open-source/inigoaa-jmaragna/README.md @@ -0,0 +1,35 @@ +# Assignment Proposal + +## Title + +_--enable-feature: Consider removing no-default-scrape-port_ + +## Names and KTH ID + + - Jacopo Maragna (jmaragna@kth.se) + - Íñigo Aréjula Aísa (inigoaa@kth.se) + +## Deadline + +- Task 3 + +## Category + +- open-source + +## Description + +Prometheus has different features available. However, some of them are not immediately available by default, but they can be enabled using flags. What the community is requesting is to enable some of these features by default. What we are proposing to do is to take this [issue](https://github.com/prometheus/prometheus/issues/13959) and resolve the problem. + +Now, an outline of the various tasks we aim to solve: +1. Understand the project architecture and source code. +2. Set up the environment and run the project/tests. +3. Tackle the problem itself: + - By default, we want the `no-default-scrape-port` feature to be enabled. + - Add the possibility to disable it on demand. + - Update the documentation. + +**Relevance** + +Prometheus is crucial in DevOps for its ability to monitor (Week 7) and analyze system performance in real-time. It helps teams collect metrics, set alerts, and automate responses, ensuring system reliability and quick incident resolution. This enhances the core DevOps practices of continuous integration, deployment, and collaboration. + diff --git a/contributions/presentation/week5/bthiberg-noakj/README.md b/contributions/presentation/week5/bthiberg-noakj/README.md new file mode 100644 index 0000000000..d8f58fc42b --- /dev/null +++ b/contributions/presentation/week5/bthiberg-noakj/README.md @@ -0,0 +1,30 @@ +# Assignment Proposal + +## Title + +Strimzi - Easy Apache Kafka on Kubernetes + +## Names and KTH ID + + - Björn Thiberg (bthiberg@kth.se) + - Noak Jönsson (noakj@kth.se) + +## Deadline + +- Week 5 + +## Category + +- Presentation + +## Description + +We will present a tool called Strimzi, used for simplifying the process of running the event streaming platform Apache Kafka using Kubernetes. + +Among other things, we'll go over Strimzi's core functionality, what problem it solves, how it is set up and ran and how it fits in to a larger infrastructure and the larger context of DevOps and IaC. + +**Relevance** + +Strimzi is an example of using IaC to manage complex deployments of infrastructure, Apache Kafka + Kubernetes in this case. + +Its "Kubernetes-Native Experience" allows Strimzi to integrate well with e.g. GitOps and other DevOps-y frameworks. diff --git a/contributions/presentation/week5/inigoaa-peremr/README.md b/contributions/presentation/week5/inigoaa-peremr/README.md new file mode 100644 index 0000000000..e1610f66ff --- /dev/null +++ b/contributions/presentation/week5/inigoaa-peremr/README.md @@ -0,0 +1,30 @@ +# Assignment Proposal + +## Title + +BlueBuild: The Cloud-Native Desktop Paradigm + +## Names and KTH ID + + - Iñigo Aréjula Aísa (inigoaa@kth.se) + - Pere Mateu Raventós (peremr@kth.se) + +## Deadline + +- Week 5 + +## Category + +- Presentation + +## Description + +[BlueBuild](https://blue-build.org/) is a tool that leverages the concept of a cloud-native desktop. It integrates DevOps workflows into the process of building Linux distribution images, offering a new way for users to interact with their computers. The entire operating system is defined declaratively in a YAML file and built using GitHub Actions pipelines. The resulting images are immutable, meaning users cannot modify them, ensuring consistency and reproducibility across all images. + +A key advantage is that since the whole build process runs in the cloud, errors are caught in the pipeline, guaranteeing a functional operating system, so you will always boot. + +As an atomic operating system, BlueBuild promotes the use of isolated subsystems, reducing system bloat and preventing operating system instability. + +**Relevance** + +This tool brings all that we have learn from DevOps methodology to a more traditional domain. It enables us to define our infrastructure (operating system) as code, providing benefits such as reproducibility, version control, and portability. \ No newline at end of file diff --git a/contributions/presentation/week5/ollegu-smhanna/README.md b/contributions/presentation/week5/ollegu-smhanna/README.md new file mode 100644 index 0000000000..19d028c58a --- /dev/null +++ b/contributions/presentation/week5/ollegu-smhanna/README.md @@ -0,0 +1,25 @@ +# Assignment Proposal + +## Title + +_TruffleHog - Identifying vulnerable management of secrets for IaC_ + +## Names and KTH ID + + - Olle Gunnemyr (ollegu@kth.se) + - Sam Maltin (smhanna@kth.se) + +## Deadline + +- Week 5 + +## Category + +- Presentation + +## Description +This presentation aims to inform the audience of the security practice of managing secrets for Infrastructure as Code (IaC) and how the Open-Source tool TruffleHog can be used to detect vulnerable uses of secrets. We will first introduce the topic of managing secrets for IaC and what could be considered as poor uses with code snippets. Then present the tool TruffleHog, what it is, works and how it could be used to mitigate risks with exposed secrets in IaC environments. Lastly, we will reflect over Trufflehog, which cases it is most suitable and end with a conclusion. + + +**Relevance** +In IaC, poor management of secrets such as passwords and sensitive keys could easily lead to them being exposed and used by attackers for exploitations. For example, accidentally storing secrets using simple text files or Source Code Managements (SCMs) such as Git could lead to them being exposed. Therefore, it is important to use secrets scanning tools such as TruffleHog, which can scan the Git history and identify strings that could indicate a secret that has been committed to a repository, allowing you to address these issues before they lead to exposure. \ No newline at end of file diff --git a/contributions/presentation/week5/sinakh-eggestig/README.md b/contributions/presentation/week5/sinakh-eggestig/README.md new file mode 100644 index 0000000000..fbfcef3232 --- /dev/null +++ b/contributions/presentation/week5/sinakh-eggestig/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Cost Optimization with Infrastructure as Code + +## Names and KTH ID + +- Sina Khoraman (sinakh@kth.se) +- Robin Eggestig (eggestig@kth.se) + +## Deadline + +- Week 5 + +## Category + +- Presentation + +## Description + +The presentation explores how DevOps teams can leverage Infrastructure as Code (IaC) practices to effectively manage cloud resources and reduce operational costs. It covers strategies for automating infrastructure provisioning, scaling, and decommissioning, ensuring that resources are only consumed when needed. The presentation emphasizes using IaC tools like Terraform to track, audit, and optimize costs in cloud environments by defining resource configurations programmatically. + +**Relevance** + +This topic is highly relevant to the DevOps course because it integrates essential concepts of automation, cloud infrastructure management, and operational efficiency. By understanding cost optimization through IaC, students can apply DevOps principles like continuous delivery, scalability, and resource management to real-world scenarios, ensuring that both performance and cost efficiency are balanced in the systems they develop and maintain. diff --git a/contributions/presentation/week6/arberl-sorger/README.md b/contributions/presentation/week6/arberl-sorger/README.md new file mode 100644 index 0000000000..f5b2d66280 --- /dev/null +++ b/contributions/presentation/week6/arberl-sorger/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Dynamic Secrets in HashiCorp Vault + +## Names and KTH ID + +- Arber Limani (arberl@kth.se) +- Tom Sorger (sorger@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Presentation + +## Description + +The presentation will explore the concept of dynamic secrets in HashiCorp Vault, a feature that enhances security in managing sensitive information. Unlike static secrets, which are fixed and need to be manually rotated, dynamic secrets are generated on-the-fly and have a limited lifespan, reducing the risk of exposure and simplifying management. + +**Relevance** + +Dynamic secrets are crucial for DevSecOps as they provide automated, temporary credentials that enhance security and reduce manual management. It also minimizes the risk of credential leaks. diff --git a/contributions/presentation/week6/maals-omidfm/README.md b/contributions/presentation/week6/maals-omidfm/README.md new file mode 100644 index 0000000000..09b7ce45da --- /dev/null +++ b/contributions/presentation/week6/maals-omidfm/README.md @@ -0,0 +1,33 @@ +# Assignment Proposal + + +## Title + +Detecting vulnerabilities in Python code using static code analysis with Bandit + +## Names and KTH ID + +Marcus Alström (maals@kth.se) +Omid Fattahi Mehr (omidfm@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Presentation + +## Description + +In this presentation, we will introduce the concept of Static Application Security Testing (SAST), explain why it's important, and explain what problems it tries to solve. +We’ll also demonstrate how and where Static Application Security Testing integrates into the process to enhance security early on in the DevOps pipeline. +From there, we will examine a tool that specifically analyzes Python code called Bandit. +Bandit is a popular, open-source tool designed to identify common security vulnerabilities in Python by statically analyzing code. +It creates an AST and runs a set of plugins to examine the AST nodes for potential security risks. +Finally, we are going to assess the effectiveness of such a tool in the general context of DevSecOps. + +**Relevance** +Static security analysis is an important early step in the DevOps pipeline. By shifting security testing left (earlier in the pipeline) as well as +automating with tools such as Bandit, we can reduce development time and cost. + diff --git a/contributions/presentation/week6/sapinski-amano/README.md b/contributions/presentation/week6/sapinski-amano/README.md new file mode 100644 index 0000000000..936683bd63 --- /dev/null +++ b/contributions/presentation/week6/sapinski-amano/README.md @@ -0,0 +1,27 @@ +# Assignment Proposal + +## Title + +Integrating Organizational Policies Using Open Policy Agent + +## Names and KTH ID + - Christopher Sapinski (sapinski@kth.se) + - Katsutoshi Amano (amano@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Presentation + +## Description + +Open Policy Agent is a tool to write and execute policies for different services. These policies check for compliance and encompass a wide variety of options. +We will highlight the use of OPA to ensure Terraform plans follow policy, while also mentioning the other places that OPA can and should be used. + +**Relevance** + +With the wide variety of tools, it can be a nightmare to try and maintain security for all of them. Instead of writing specific policy code for each different product, OPA unifies the toolset. +This makes it much easier to maintain. These rules can include security specifications such as who can access data. diff --git a/contributions/presentation/week7/melvinj-jtuv/README.md b/contributions/presentation/week7/melvinj-jtuv/README.md new file mode 100644 index 0000000000..d5539a2d07 --- /dev/null +++ b/contributions/presentation/week7/melvinj-jtuv/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +AI Anomaly Detection for log monitoring + +## Names and KTH ID + + - Melvin Jakobsson (melvinj@kth.se) + - Jonatan Tuvstedt (jtuv@kth.se) + +## Deadline + +- Week 7 + +## Category + +- Presentation + +## Description + +In this presentation we will first describe traditional methods of log monitoring. We will then describe the current state of automatic AI log monitoring, including the underlying operating principles of them. Finally comparing and contrasting these two methods. + +**Relevance** + +This topic is relevant because traditional monitoring is limited to act on either predefined anomalies, or for a predefined limit of when the logs are considered an anomaly. In contrast AI anomaly detection tools are a new technology that is rapidly advancing, and which could potentially make log monitoring much more effective. diff --git a/contributions/scientific-paper/week7/lawang-campione/README.md b/contributions/scientific-paper/week7/lawang-campione/README.md new file mode 100644 index 0000000000..7b19f7c7d2 --- /dev/null +++ b/contributions/scientific-paper/week7/lawang-campione/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +- [RefBot: Intelligent Software Refactoring Bot](https://ieeexplore.ieee.org/abstract/document/8952287) + +## Names and KTH ID + +- Laicaiwei Wang (lawang@kth.se) +- Marco Campione (campione@kth.se) + +## Deadline + +- Week 7 + +## Category + +- Scientific paper + +## Description + +This presentation will explore the role of RefBot, an intelligent software refactoring bot that automates the refactoring process within software development. The focus will be on how RefBot leverages machine learning and artificial intelligence to identify code smells, recommend refactoring strategies, and automate code restructuring with minimal developer intervention. It will also discuss the impact of such tools on software quality, maintenance, and developer productivity. + +**Relevance** + +Refactoring is a crucial activity in software development that ensures long-term maintainability and scalability of codebases, which can also be a tedious and error-prone process. RefBot aims to automate this task, reducing the cognitive load on developers and enhancing code quality. diff --git a/contributions/scientific-paper/week7/mateusma-sorger/README.md b/contributions/scientific-paper/week7/mateusma-sorger/README.md new file mode 100644 index 0000000000..e680e97649 --- /dev/null +++ b/contributions/scientific-paper/week7/mateusma-sorger/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +DevOps Education - Challenges and Recommendations + +## Names and KTH ID + +- Mateus Marinheiro (mateusma@kth.se) +- Tom Sorger (sorger@kth.se) + +## Deadline + +- Week 7 + +## Category + +- Scientific Paper + +## Description + +The paper "[DevOps Education: An Interview Study of Challenges and Recommendations](https://arxiv.org/abs/2203.10324)" investigates the difficulties and solutions in teaching DevOps in educational institutions. The study provides insights into how educators can better structure their courses to help students grasp both the technical and cultural aspects of DevOps. + +**Relevance** + +This research is highly relevant to DevOps because it highlights the growing demand for professionals with DevOps skills in the software industry. As DevOps continues to evolve rapidly, educational institutions face the challenge of preparing students for real-world practices. diff --git a/tools/track_participation.py b/tools/track_participation.py index 6241564337..7d31dc3396 100644 --- a/tools/track_participation.py +++ b/tools/track_participation.py @@ -143,8 +143,11 @@ def get_participation_markdown(participation): content += "| Index | Student Name | Number of Lectures Attended | Lecture(s) attended |\n" content += "|-------|--------------|-------------------|----------------|\n" + # sort by number of lectures attended + sorted_participation = sorted(participation.items(), key=lambda item: len(item[1]), reverse=True) + index = 1 - for author, lectures in participation.items(): + for author, lectures in sorted_participation: lecture_numbers = [f"L{LECTURE_DATES_TO_NUMBER[lecture]}" for lecture in sorted(lectures)] lectures_list = " ".join(map(str, lecture_numbers)) total_lectures = len(lectures) @@ -163,8 +166,11 @@ def get_participation_text(participation): table = PrettyTable() table.field_names = ["Index", "Student Name", "Number of Lectures Attended", "Lecture(s) attended"] + # sort by number of lectures attended + sorted_participation = sorted(participation.items(), key=lambda item: len(item[1]), reverse=True) + index = 1 - for author, lectures in participation.items(): + for author, lectures in sorted_participation: lecture_numbers = [f"L{LECTURE_DATES_TO_NUMBER[lecture]}" for lecture in sorted(lectures)] lectures_list = " ".join(map(str, lecture_numbers)) total_lectures = len(lectures)