Merge branch '2024' of https://github.com/Flug0/devops-course into 2024

.github/workflows/lecture_participation.yml

@@ -9,7 +9,11 @@ permissions:
 
 jobs:
   track-participation:
-    if: github.event.issue.number == 2370
+    if: >
+      github.event.issue.number == 2370 &&
+      github.event.comment.author_association != 'COLLABORATOR' &&
+      github.event.comment.author_association != 'OWNER' &&
+      github.event.comment.author_association != 'MEMBER'
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4

README.md

@@ -49,7 +49,7 @@ The schedule is at <https://www.kth.se/social/course/DD2482/calendar/>
 
 
 To pass the course, the student has to complete and pass between 3 and 5 tasks:
-* The tasks are in category: "[presentation (mandatory)](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#presentations)", "[demo (mandatory)](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#demos)", "[scientific paper](https://github.com/KTH/devops-course/blob/2024/grading-criteria.paper)", "[executable tutorial](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#executable-tutorials)", "[contribution to open-source](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#open-source-contributions)", "[feedback](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#feedback)" (presentation and demos are mandatory, at most one in the same category, it is not necessary to cover everything).
+* The tasks are in category: "[presentation (mandatory)](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#presentations)", "[demo (mandatory)](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#demos)", "[scientific paper](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#scientific-papers)", "[executable tutorial](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#executable-tutorials)", "[contribution to open-source](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#open-source-contributions)", "[feedback](https://github.com/KTH/devops-course/blob/2024/grading-criteria.md#feedback)" (presentation and demos are mandatory, at most one in the same category, it is not necessary to cover everything).
 * The [grading criteria page](grading-criteria.md) is the unique reference which explains how to pass each task category.
 * The student proposes a category and a topic, which is discussed and accepted by the TA. The proposal is made as a [structured pull-request](https://github.com/KTH/devops-course/blob/2024/.github/pull_request_template.md) on this repository. The 3-5 graded contributions must have little overlap.
 * The same student cannot choose the same topic for two different tasks. The 3-5 tasks should cover different aspects of DevOps.

contributions/README.md

@@ -114,3 +114,18 @@ General Intro about the course.
 1. [Using static analysis with SonarCloud to identify security flaws.](https://github.com/KTH/devops-course/pull/2558)
 1. [Automating Private Dependency Management and Version Integration](https://github.com/KTH/devops-course/pull/2569)
 
+### Week 7
+
+1. [DevOps Education - Challenges and Recommendations](https://github.com/KTH/devops-course/pull/2448)
+1. [RefBot: Intelligent Software Refactoring Bot](https://github.com/KTH/devops-course/pull/2456)
+1. [AI Anomaly Detection for log monitoring](https://github.com/KTH/devops-course/pull/2496)
+1. [Infrastructure as Code Using Ansible Playbooks](https://github.com/KTH/devops-course/pull/2536)
+1. [DevOps at Scale: Managing Complex Service Architectures in Large Technical Companies](https://github.com/KTH/devops-course/pull/2523)
+1. [Chaos Engineering with Chaos Monkey](https://github.com/KTH/devops-course/pull/2549)
+1. [Data Version Control for MLOps with DVC](https://github.com/KTH/devops-course/pull/2560)
+1. [A Case Study of Developer Bots: Motivations, Perceptions, and Challenges](https://github.com/KTH/devops-course/pull/2532)
+1. [Understanding GDPR and its importance for DevOps](https://github.com/KTH/devops-course/pull/2585)
+1. [ChatOps Bots for Monitoring and Incident Response in DevOps](https://github.com/KTH/devops-course/pull/2592)
+1. [Metrics vs Logging for DevOps Monitoring (Comparing Prometheus and ELK Stack)](https://github.com/KTH/devops-course/tree/2024/contributions/presentation/week7/linussve-daniellw/README.md)
+1. [Software licencing overview and compliance automation](https://github.com/KTH/devops-course/pull/2614)
+

contributions/demo/week7/liley/README.md

@@ -0,0 +1,25 @@
+# Assignment Proposal
+
+## Title
+
+Creating security obervability with Wazuh
+
+## Names and KTH ID
+
+  - Jonas Liley ([email protected])
+
+## Deadline
+
+- Week 7
+
+## Category
+
+- Demo
+
+## Description
+
+The demonstration will involve setting up a Wazuh server alongside an additional server that will simulate a production environment. I will walk through the process of adding a new server to be monitored by Wazuh, enabling Wazuh to collect and analyze logs, detect vulnerabilities, and monitor system integrity. The demo will also include real-time detection of suspicious activities and automated alerting on potential security incidents.
+
+**Relevance**
+
+With the increasing complexity of modern infrastructure, gaining deep security observability across all systems is essential for proactive threat detection and mitigation. Wazuh, as an open-source security monitoring platform, addresses these needs. This demo highlights Wazuh’s capability to centralize security data, helping organizations detect vulnerabilities, track incidents, and ensure compliance, all within a one dashboard.

contributions/demo/week7/rohinib/README.md

@@ -0,0 +1,32 @@
+# Assignment Proposal
+
+## Title
+
+Simplifying Kubernetes Policy Management Using Kyverno
+
+
+## Names and KTH ID
+
+
+- Rohini Bhardwaj([email protected])
+
+
+## Deadline
+
+- Week 7
+
+
+## Category
+
+- Demo
+
+
+## Description
+I want to propose a demo to showcase how Kyverno simplifies and automates Kubernetes policy management. It will demonstrate Kyverno’s capabilities in enforcing security, 
+ensuring compliance, and automating resource configurations through policies, making Kubernetes environments more secure, consistent, and manageable.
+
+**Relevance**
+
+Kyverno simplifies Kubernetes policy management, making it highly relevant for DevOps teams. It automates tasks like security enforcement, resource configuration, 
+and compliance checks without the need for custom code. By using easy-to-write YAML policies, DevOps teams can ensure consistency across all environments, speeding up deployments 
+while maintaining security.

contributions/executable-tutorial/aleliu-gussvens/README.md

@@ -0,0 +1,32 @@
+# Assignment Proposal
+
+## Title
+
+Building and integrating a slack bot with GitHub actions using Node.js
+
+## Names and KTH ID
+
+  - Alexander Liu ([email protected])
+  - Gustaf Svensson ([email protected])
+
+## Deadline
+
+- Task 3
+
+## Category
+
+- Executable tutorial
+
+## Description
+
+In our tutorial we will show how to set up a slack bot using node.js to monitor GitHub actions through notification in a slack channel. The bot will be able to parse github logs into readable slack messages in order to simplify continuous development and monitoring.
+
+**Relevance**
+
+Effective monitoring and automation is crucial to the DevOps life cycle. By integrating slack bot with GitHub actions developers can get real-time status updates on ongoing processes directly in their slack workspace. Additionally, developers can trigger pre-defined common events through slack increasing the efficiency of the entire process. The use of slack streamlines the continuous devlopment and monitoring process for developers and is a critical part in the DevOps cycle.
+
+*Submission*
+
+Killercoda: https://killercoda.com/dd2482devops-executable-tutorial/scenario/KillerCoda
+GitHub to main program: https://github.com/Alexanderliu2002/dd2482-executable-tutorial-bot
+GitHub to test environment: https://github.com/leegrash/dd2482-executable-tutorial 

contributions/executable-tutorial/bthiberg-noakj/README.md

@@ -0,0 +1,32 @@
+# Assignment Proposal
+
+## Title
+
+Creating and using flox environment(s) in an existing project.
+
+## Names and KTH ID
+
+- Björn Thiberg ([email protected])
+- Noak Jönsson ([email protected])
+
+## Deadline
+
+- Task 3
+
+## Category
+
+- Executable Tutorial
+
+## Description
+
+We had a visit during one of the lectures by a [Flox](https://flox.dev/docs/) developer. Exploring this cool piece of software, we found few if any tutorials on how to use it.
+
+This tutorial goes through the main functionality of Flox. Specifically, how to create a Flox environment for an existing project, add dependencies and search for packages, and create a service. It also goes through how the Flox manifest file works.
+
+[The tutorial can be found on KillerCoda here.](https://killercoda.com/bjornthiberg/scenario/flox)
+[
+The repository for the tutorial can be found here.](https://github.com/bjornthiberg/DD2482-executable-tutorial)
+
+**Relevance**
+
+Flox is relevant to DevOps since it allows the user to create and manageme reproducible, isolated, and portable development environments. This helps with solving the “works on my machine” DevOps problem across different testing, staging and dev environments. Flox provides a platform for managing dependencies, environments, and development tools in a containerized manner. These containerized environments can then be shared, submitted to version control, and be used as part of CI/CD pipelines.

contributions/executable-tutorial/campione-sorger/README.md

@@ -21,6 +21,8 @@ Setting Up a Dashboard using Splunk
 
 In this executable tutorial, we will guide the user through running Splunk. We will add a data source and create a dashboard to visualize data using the new Splunk Dashboard Studio. The data source will be set up to dynamically grow in size and change its data over time, showcasing Splunk's real-time capabilities. Finally, we will configure an alert to trigger when a specific data threshold is met.
 
+The executable tutorial can be found on [Killercoda](https://killercoda.com/sorger/scenario/splunk-dashboard-demo) or [GitHub](https://github.com/t-sorger/killercoda-tutorials/tree/master/splunk-dashboard-demo).
+
 **Relevance**
 
 "Having good dashboards is essential in DevOps" (see [here](https://github.com/KTH/devops-course/issues/8#issuecomment-445817093)).

contributions/executable-tutorial/carlwang-jrybak/README.md

@@ -31,3 +31,6 @@ The executable tutorial will provide a hands-on guide to implementing automated
 **Relevance**
 
 Automation of testing is essential in DevOps, since it largely reduces the time taken to manually find pre-existing bugs, as well as significantly lowers the risk of accidentally introducing new ones. Moreover, this is especially vital in the area of API testing, in order to avoid regression bugs and ensure consistent performance and reliability across different environments and versions.
+
+Github: https://github.com/laykos0/api-testing
+Tutorial: https://killercoda.com/laykos0/scenario/api-testing-automation

contributions/executable-tutorial/casperkr-mnem/README.md

@@ -0,0 +1,40 @@
+# Assignment Proposal
+
+## Title
+
+Mastering Docker: Building, Networking, and Optimizing Containers with Multi-Stage Builds and Advanced Features
+
+## Names and KTH ID
+
+- Casper Kristiansson ([email protected])
+- Muhammadsodiq Nematjanov ([email protected])
+
+## Deadline
+
+- Task 3
+
+## Category
+
+- Executable tutorial
+
+## Description
+
+This tutorial will introduce the fundamental concepts of Docker and demonstrate how to build, run, and optimize Docker containers. The tutorial will be fully executable on the KillerKoda platform, ensuring that users can interact with and verify their actions as they follow along. The sections will cover:
+
+1. **Building and Running a Basic Docker Container**: A step-by-step guide to building and running your first Docker container.
+
+2. **Setting up Docker Volumes for Persistent Storage**: Learn how to manage data persistence by setting up Docker volumes.
+
+3. **Configuring Container Networking**: Understand how to set up communication between Docker containers through networking.
+
+4. **Optimizing Docker Images with Multi-Stage Builds**: Learn how to reduce Docker image sizes and improve performance using multi-stage builds.
+
+5. **Using Docker Compose for Multi-Container Applications**: Introduction to Docker Compose, showing how to define and manage multi-container applications with services, networks, and volumes.
+
+6. **Handling Secrets and Environment Variables in Docker**: Securely pass sensitive information using Docker secrets and environment variables.
+
+7. **Implementing Health Checks for Containers**: Monitor and automatically restart services by implementing health checks within your containers.
+
+**Relevance**
+
+Docker is a crucial tool in modern DevOps practices, enabling efficient application deployment, scalability, and automation. By learning how to build, run, and optimize containers, developers and DevOps engineers can reduce infrastructure complexity, speed up deployments, and manage applications more effectively. The tutorial covers essential topics that align with DevOps goals of continuous delivery, resource optimization, and maintaining secure, persistent services. Each section is designed to be fully executable and verifiable on the KillerKoda platform, providing a hands-on experience for learners. Automating Docker builds locally simulates a CI/CD pipeline without external dependencies, making the process easy to verify. Additionally, multi-stage builds are essential for reducing Docker image size, improving performance, and optimizing resource use in production environments.

contributions/executable-tutorial/cnra-amano/README.md

@@ -0,0 +1,22 @@
+# Assignment Proposal
+## Title
+Policy as Code with Kubewarden: Implement and Enforce Kubernetes Policies
+## Names and KTH ID
+- Chandni Rakhashiya ([email protected])
+- Katsutoshi Amano ([email protected])
+## Deadline
+- Task 3
+## Category
+- Executable Tutorial
+## Description
+In this tutorial, we will explain what Policy as Code and Kubewarden are, and why they are important for Kubernetes environments. We will walk through the process of implementing and enforcing policies using Kubewarden in a Kubernetes cluster. Additionally, we will write a policy using Rego and deploy it to the cluster, demonstrating how policies can be automated and integrated seamlessly into DevOps workflows.
+
+
+ **Relevance**
+
+
+Policy as Code is crucial for maintaining consistency, security, and compliance in Kubernetes environments, making it a core practice in modern DevOps. Kubewarden provides a powerful and flexible way to implement and enforce these policies. 
+
+The executable tutorial can be found:
+killercoda - https://killercoda.com/kubewarden-executable-tutorial
+Github - https://github.com/kamano905/kubewarden-executable-tutorial

contributions/executable-tutorial/dgaspar-tmbpe/README.md

@@ -0,0 +1,37 @@
+# Assignment Proposal
+
+## Title
+
+Deployments with Piku
+
+## Names and KTH ID
+
+  - Diogo Gaspar ([email protected])
+  - Tomás Esteves ([email protected])
+
+## Deadline
+
+- Task 3
+
+## Category
+
+- Executable tutorial
+
+## Description
+
+Piku is a PaaS (Platform as a Service) that allows you to deploy applications to your own servers with a simple `git push`.
+It is inspired in Dokku, an open source PaaS alternative to Heroku.
+Piku shines in being a lightweight tool, that tries to simplify the deployment of services.
+It supports deployment in ARM and x86 architectures and can be ran in low end devices.
+
+The tutorial will consist in the deployment of a simple web application using Piku.
+Then, we will test its capability of changing some parameters through environment variables.
+Finally, we will extend its functionality through the use of plugins.
+
+The tutorial is hosted at [KillerCoda](https://killercoda.com/pesteves2002/scenario/tutorial),
+and its source code can be found at [GitHub](https://github.com/speedrunners-ist/devops-tutorial).
+
+**Relevance**
+
+This tutorial allows the user to explore alternatives to known tools/services such as Heroku.
+It maintains the most relevant features, while being free and open source.

contributions/executable-tutorial/diogogm-diogotc/README.md

@@ -19,7 +19,9 @@ Real-Time Log Monitoring with Loki and Grafana
 
 ## Description
 
-In this tutorial, we want to set up a real-time log monitoring solution using Loki for log aggregation and Grafana for visualization. This tutorial will teach how to install and configure Loki, integrate it with Grafana, and create dashboards to visualize logs. Additionally, we will write queries to extract insights and set up alerts based on log patterns. 
+In this tutorial, we want to set up a real-time log monitoring solution using Loki for log aggregation and Grafana for visualization. This tutorial will teach how to install and configure Loki, integrate it with Grafana, and create dashboards to visualize logs. Additionally, we will write queries to extract insights and set up alerts based on log patterns.
+
+You can find the executable tutorial in [KillerCoda](https://killercoda.com/devops-tutorial) and the source code in [GitHub](https://github.com/d-melita/devops-tutorial).
 
 **Relevance**
 This tutorial is relevant in the DevOps context as it enhances visibility into applications and infrastructure. By using Loki and Grafana for real-time log monitoring, teams can quickly identify issues, improve collaboration, automate responses, and support continuous improvement, all of which are essential for maintaining reliable system performance.

contributions/executable-tutorial/eggestig-daniellw/README.md

@@ -0,0 +1,31 @@
+# Assignment Proposal
+
+## Title
+
+Creating a Robust Gatsby Web Service with Automated Testing and Deployment on GitHub
+
+## Names and KTH ID
+
+  - Robin Eggestig ([email protected])
+  - Daniel Lai Wikström ([email protected])
+
+## Deadline
+
+- Task 3
+
+## Category
+- Executable tutorial
+
+## Description
+
+This comprehensive hands-on tutorial provides detailed, step-by-step instructions for setting up a Gatsby application, integrating automated testing, and deploying it using GitHub Actions and GitHub Pages. Discover how to harness Gatsby’s powerful capabilities for fast data fetching and static site generation, leading to a fully functional web service hosted on GitHub Pages, complete with automated tests to ensure reliability and performance.
+
+The tutorial also covers the integration of automated unit and integration tests, the configuration of CI/CD workflows using GitHub Actions, and managing version control with Git. We plan to use personal access token (PAT) with permissions for a new repository for full hands on learning. Designed for developers of all skill levels, this tutorial empowers participants to gain practical experience with Gatsby and modern deployment strategies.
+
+**Relevance**
+In today’s fast-paced software development landscape, the demand for efficient and reliable web applications is higher than ever. This tutorial is particularly relevant as it provides an executable format that helps developers learn about Gatsby and GitHub Actions while equipping them with essential skills for implementing automated testing and deployment.
+
+As organizations increasingly adopt DevOps practices and agile methodologies, the ability to quickly create and deploy robust web services becomes essential. This practical resource effectively bridges the gap between theory and practice, empowering participants to adopt modern development practices in their own projects.
+
+The tutorial can be found here: https://killercoda.com/daniellw/scenario/gatsby-tutorial
+Github for tutorial: https://github.com/dannolaius/coda-tutorial

contributions/executable-tutorial/golman/README.md

@@ -28,3 +28,7 @@ I asked TA about this briefly in a lab session (not previous, but one before tha
 **Relevance**
 
 Jupyter Notebook/Lab is often used for processing, preparing, and visualizing data, as well as subsequently training machine learning models. The process of deriving a model is often an iterative process to determine suitable model architectures and optimal hyperparameters. Models may furthermore require continuous altering after deployment as more data becomes available or use cases change. This process is presumably often done manually, particularly as data scientists and conventional developers may be different teams, but there are clear benefits in automating the process.
+
+**Submission**
+
+[Github repository](https://github.com/kthfre/dd2482-executable-tutorial)