Learn Terraform Basics with the Terraform Associate Exam
JeongSuk Lee
Learn the theory and practice of Terraform based on the HashiCorp Certified: Terraform Associate (003) exam content.
초급
Terraform
[DevOps Basics 3] Building CI Properly with GitHub Actions
You will learn how to configure CI based on GitHub Actions and what content should be included in CI, and you can learn about verification through the SLSA Framework, which was a topic of discussion in Google DevOps Report 2022.
(5.0) 3 reviews
86 learners
데브옵스
devops
sonarqube
github-actions
CI/CD
continuous-integration
SonarQube
What you will gain after the course
CI
GitHub Actions
SLSA Framework
InfraCost
Software Bill of Materials
SonarQube
TruffleHog
ConfTest
AWS IAM
Github Action for CI configuration!
Maybe just build automation
Did you think that was all there was to CI?
"I'm curious about what CI is. How can I best grasp the concept from a technical perspective ?"
“My company has installed and is using a CI solution like Jenkins. What kind of content should I include in CI?”
“I received consulting on my CI/CD strategy, but I'm concerned about how to implement it .”
“We need to evaluate and manage our organization’s CI structure .”
When organizations talk about implementing CI, the actual implementation often involves only post-build package distribution. However, implementing CI involves establishing a software supply chain (SSC). It's not simply about installing a CI solution.
Minimum core knowledge for organizations new to CI
Learn how to configure Continuous Integration (CI) using Github Actions and how to apply the tools needed to configure the Software Supply Chain within CI.
This lecture covers the Model CI Flow , which must be implemented at a minimum when building a CI-based software supply chain. We hope this lecture will be helpful to those who have been curious about the standards and methods for building and evaluating CI systems.
The purpose and reason for needing CI
I will let you know for sure.
Case 1 Are there any guidelines for configuring CI?
The SLSA Framework provides guidelines for the Software Supply Chain.
Case 2: In the CI system, there are concepts called Host and Agent. What are the ways to configure them?
We will explain how to configure the CI Host using Github Actions , and the Agent using either the SaaS-based Agent provided by Github or your own Agent based on the Ephemeral environment.
Case 3: I want to include our company's technical policy guidelines in CI. Is there a way to do this?
This article will explain how to apply security checks to CI using SonarQube and Aqua Trivy. It will also demonstrate Policy as Code (PoC) through ConfTest.
Case 4 Our organization uses IaC through Terraform. Can we manage the costs of this first in CI?
We'll explain how to use InfraCost to indicate cost increases or decreases for Terraform changes in GitHub Pull Requests.
CI must capture the essence, not just the tools.
CI isn't just about installing CI software and automating builds. Unlike typical CI courses that focus on builds and artifact creation, this course focuses on the core purpose of CI: Software Supply Chain Management and Gated Commit .
In addition, we will proceed by reflecting the latest trends such as Dependency management and SLSA Framework based on the Software Bill of Material, which has been highlighted due to recent security breaches caused by open source libraries (Log4j, SolarWind).
Learning content
Check it out 📚
CI Learning to Set Standards
You'll understand that CI isn't just about installing CI software and automating builds. You'll also learn about the SLSA Framework and how it can be combined with other solutions to reach the highest Framework Level 4.
Up to the core technology for implementation
You'll learn how to implement Gated Commit using GitHub and explore how to build a CI chain for related services within a microservice architecture. You'll also learn how to create GitHub Custom Actions and leverage them to build a reusable software supply chain. You'll also understand the characteristics and differences between Persistent and Ephemeral agents.
Detailed Curriculum 📖
Getting Started with Github Actions
- Github Commit Signing
- Spring/Gradle based CI Process + Slack Notification
- Node.js-based service CI Process + related service CI Process call
Verifying IaC Deployment Stability
- Implementing Policy as Code Using ConfTest
- Implementing Credential Exposure Check using TruffleHog
- Comment on the estimated additional costs of Terraform IaC in a Pull Request using InfraCost.
Checking for security vulnerabilities in CI
- SAST configuration using SonarQube community edition
- Vulnerability Scanning and SBOM Management Using Aqua Trivy and Dependency Track
Container image management using private repository
Modularizing the Build Process with GitHub Custom Actions
- Container-based Custom Action configuration
- Configuring JavaScript-based Custom Actions
- Composite Action composition
Implementing a GitHub Self-hosted Runner
Summary through SLSA Framework
The basics of DevOps
This is Lee Jeong-seok .
I'm a digital nomad IT engineer with approximately 15 years of experience as a full-stack developer and DevOps engineer/consultant in Korea, Australia, and the UK. I'm constantly learning new topics to optimize IT organizational operations , and I dream of remaining an engineer until I retire. Currently, I work as a DevOps engineer on the Developer Experience team at a bank in Melbourne, Australia.
Detailed history
- I started my first job as an intern at The Latin Traveller! [London, UK]
- Former Hanjin Group Topas Travel Information - Java/Oracle Development [Seoul, KR]
- Former) NuSkin Korea - Java/Oracle Development [Seoul, KR]
- Curiosity about business flow led me to complete a full-time MBA program [Seoul/Nice, KR/FR]
- Former KOSCOM - C Development [Seoul, KR]
- Former KDB Daewoo Securities - Development using Java, C#, Python, MongoDB, Oracle, Sybase, ActiveMQ, etc. [Seoul, KR]
- Former) National Australia Bank (NAB) - Full-stack Development [Melbourne, AU]
- Formerly, one of Australia's top four banks - Full-stack Development/In-house DevOps Consulting [Melbourne, AU]
- Former) Amazon Web Services - DevOps Consultant [Seoul/Melbourne, KR/AU]
- One of Australia's top four banks is currently grappling with defining DORA metrics and implementing a scalable CI structure using DevOps... [Melbourne, AU]
Q&A 💬
Q. When implementing CI, can't you just install Jenkins, enter the build command, and deploy it?
The goal of CI implementation isn't just to automate builds. Its purpose is to automate and review builds, tests, and organizational security/compliance requirements that may arise throughout the entire software supply chain, ensuring reliable artifacts are passed on to the CD team.
Q. I see you use a lot of software. Do I need any basic knowledge about it?
In this lecture, we will explain the purpose and method of use of the software used, and proceed with the process of integrating it with CI.
Q. How important is this part when building a career in DevOps?
In DevOps-related positions, CI/CD is a fundamental requirement, and questions about CI often ask for ideas or experience on how to structure pipelines. Pipeline flow and gated commits are crucial perspectives, and this lecture covers these aspects.
💾 Things to note before taking the class
The following PC specifications and service versions are required for this tutorial:
- CPU: 4 cores or more x86-64/amd64 series
- Memory 8GB or more, Storage 30GB or more
- Kubernetes 1.21 or later, Helm 3.8 or later
- The lectures will be conducted using software build tools, IaC (Terraform, Kubernetes, Helm), shell scripts, etc., but you can still follow the lectures even if you do not have basic knowledge of these.
- For course materials, please refer to the notes at the bottom of the [Section 2 - Installing SigNoz] course . All source code used in this lecture is available via a GitHub repository. Access via the Google Form link may take up to 48 hours to be approved, and you are prohibited from sharing the source code or content of this lecture with others.
See related lectures together 📺
Recommended for
these people
Who is this course right for?
For those of you who are curious about how to structure content within CI
For those who are completely new to GitHub Actions and want to gain basic knowledge
For those of you who are curious about how CI is configured in a Microservice Architecture
For those of you wondering how DevSecOps is configured in CI
Need to know before starting?
Shell Scripts
How to install Kubernetes environment, how to set up Minikube or EKS/GKE/AKS
How to install the Helm command
432
Learners
16
Reviews
7
Answers
3.9
Rating
7
Courses
한국/호주/영국에서 Full-stack developer, DevOps Engineer/Consultant로 15년 정도 일을 하고 있는 Digital Nomad IT Engineer 입니다. IT 조직 운영의 최적화를 위해 끊임 없이 새로운 주제에 대해서 공부를 하고 있으며, 은퇴할 때까지 Engineer로 생활하고 싶다는 꿈을 가지고 있습니다. 현재는 호주 Melbourne에 있는 한 은행의 Developer Experience 팀에서 DevOps로 활동하고 있습니다.
Curriculum
All
20 lectures ∙ (6hr 34min)
1. Overview
08:59
Published:
Last updated:
Reviews
All
3 reviews
5.0
3 reviews
spongeReviews 6
∙
Average Rating 5.0
5
100% enrolledI think this lecture presents a starting point for realistic continuous integration that must be implemented in practice for development teams. Beyond simply running builds and unit tests, it condenses the cases and processes of configuring gated check-ins including static analysis, security, signing and publishing, and even feedback. Through this, unnecessary error codes are prevented from being extended to the source code, and it is naturally expected that this will effectively improve the collaboration of the development team. (Really, I was itching to refactor the CI process I am currently managing while listening to the lecture. ㅎㅎ) Above all, it is easy to get lost in the complex and numerous processes, but I am really grateful that the lecture course was organized and improved through the SLSA Framework. If you are taking this lecture for the first time, it would be a good idea to listen to the last session, 'Summary through SLSA Framework' after the first overview.
- eomsi4706
Reviews 2
∙
Average Rating 5.0
- stevenmin
Reviews 1
∙
Average Rating 5.0
5
100% enrolledThere were some difficult parts in taking this lecture because the systems I am currently developing and operating are legacy systems that run on the company data center. However, I was able to learn a lot other than Github Actions by looking at the various system connections and new development patterns introduced in this lecture. Unlike the general 101 lecture, I am grateful for the many comments from my rich experience that were very stimulating and helpful. Github Actions will be applied to GHE, which I will be managing in the future, and I think it will be very helpful. Thank you.
Limited time deal
$2,921,582.00
29%
$152.90
JeongSuk Lee's other courses
Check out other courses by the instructor!
![[DevOps Classic 2] Integrated Logging through Building Log Analysis Technology in MSA Environment강의 썸네일](https://cdn.inflearn.com/public/courses/330178/cover/874af780-6138-4232-a722-fce2a079b60d/330178-eng.jpg?f=avif&w=420)
![[DevOps Basics 1] Monolith to Microservice Conversion with Spring/Python/Node.js and Strangler Fig Pattern강의 썸네일](https://cdn.inflearn.com/public/courses/329980/cover/7687ff1a-6346-4e04-b2be-ceac51d6a1cc/329980-eng.jpg?f=avif&w=420)
Similar courses
Explore other courses in the same field!
