[DevOps Basics 3] Building CI Properly with GitHub Actions

You will learn how to configure CI with GitHub Actions and what CI should include, and you will learn about verification through the SLSA Framework, which was a topic of discussion in the Google DevOps Report 2022.

(5.0) 3 reviews

84 learners

  • JeongSuk Lee
devops
github-actions
CI/CD
continuous-integration
SonarQube

What you will learn!

  • CI

  • GitHub Actions

  • SLSA Framework

  • InfraCost

  • Software Bill of Materials

  • SonarQube

  • TruffleHog

  • ConfTest

  • AWS IAM

GitHub Actions for CI configuration!

Did you think build automation was all there was to CI?

“I'm curious about what CI is. How can I best grasp the concept from a technical perspective?”

“My company has installed and is using a CI solution like Jenkins. What kind of content should I include in CI?”

“I received consulting on my CI/CD strategy, but I'm concerned about how to implement it.”

“We need to evaluate and manage our organization’s CI structure.”

When organizations talk about implementing CI, the actual implementation often involves only post-build package distribution. However, implementing CI involves establishing a software supply chain (SSC). It's not simply about installing a CI solution.

Minimum core knowledge for organizations new to CI

Learn how to configure Continuous Integration (CI) using GitHub Actions and how to apply the tools needed to build the software supply chain within CI.

This lecture covers the Model CI Flow, the minimum that must be implemented when building a CI-based software supply chain. We hope this lecture will be helpful to those who have been curious about the standards and methods for building and evaluating CI systems.


We will make clear the purpose of CI and why you need it.

Case 1: Are there any guidelines for configuring CI?

The SLSA Framework provides guidelines for the Software Supply Chain.

Case 2: In the CI system, there are concepts called Host and Agent. What are the ways to configure them?

We will explain how to configure the CI Host using GitHub Actions, and the Agent using either the SaaS-based Agent provided by GitHub or your own Agent running in an ephemeral environment.

Case 3: I want to include our company's technical policy guidelines in CI. Is there a way to do this?

This lecture will explain how to apply security checks to CI using SonarQube and Aqua Trivy. It will also demonstrate Policy as Code (PoC) through ConfTest.

Case 4: Our organization uses IaC through Terraform. Can we manage its costs up front in CI?

We'll explain how to use InfraCost to indicate cost increases or decreases for Terraform changes in GitHub Pull Requests.

CI must capture the essence, not just the tools.

CI isn't just about installing CI software and automating builds. Unlike typical CI courses that focus on builds and artifact creation, this course focuses on the core purpose of CI: Software Supply Chain Management and Gated Commit.

In addition, the course reflects the latest trends, such as dependency management based on the Software Bill of Materials and the SLSA Framework, which have been highlighted due to recent security breaches caused by open source libraries (Log4j, SolarWinds).


Check out the learning content 📚

Learning the standards for CI

You'll understand that CI isn't just about installing CI software and automating builds. You'll also learn about the SLSA Framework and how it can be combined with other solutions to reach the framework's highest level, Level 4.

Through to the core technology for implementation

You'll learn how to implement Gated Commit using GitHub and explore how to build a CI chain for related services within a microservice architecture. You'll also learn how to create GitHub Custom Actions and leverage them to build a reusable software supply chain. You'll also understand the characteristics and differences between Persistent and Ephemeral agents.

Detailed Curriculum 📖

Getting Started with GitHub Actions

  • GitHub Commit Signing
  • Spring/Gradle based CI Process + Slack Notification
  • Node.js-based service CI Process + related service CI Process call

Verifying IaC Deployment Stability

  • Implementing Policy as Code Using ConfTest
  • Implementing Credential Exposure Check using TruffleHog
  • Comment on the estimated additional costs of Terraform IaC in a Pull Request using InfraCost.

Checking for security vulnerabilities in CI

  • SAST configuration using SonarQube community edition
  • Vulnerability Scanning and SBOM Management Using Aqua Trivy and Dependency Track

Container image management using private repository

Modularizing the Build Process with GitHub Custom Actions

  • Container-based Custom Action configuration
  • Configuring JavaScript-based Custom Actions
  • Composite Action composition

Implementing a GitHub Self-hosted Runner

Summary through SLSA Framework


The basics of DevOps
This is JeongSuk Lee.

I'm a digital nomad IT engineer with approximately 15 years of experience as a full-stack developer and DevOps engineer/consultant in Korea, Australia, and the UK. I'm constantly learning new topics to optimize IT organizational operations, and I dream of remaining an engineer until I retire. Currently, I work as a DevOps engineer on the Developer Experience team at a bank in Melbourne, Australia.

Detailed history

  • I started my first job as an intern at The Latin Traveller! [London, UK]
  • Former) Hanjin Group Topas Travel Information - Java/Oracle Development [Seoul, KR]
  • Former) NuSkin Korea - Java/Oracle Development [Seoul, KR]
  • Curiosity about business flow led me to complete a full-time MBA program [Seoul/Nice, KR/FR]
  • Former) KOSCOM - C Development [Seoul, KR]
  • Former) KDB Daewoo Securities - Development using Java, C#, Python, MongoDB, Oracle, Sybase, ActiveMQ, etc. [Seoul, KR]
  • Former) National Australia Bank (NAB) - Full-stack Development [Melbourne, AU]
  • Former) One of Australia's top four banks - Full-stack Development/In-house DevOps Consulting [Melbourne, AU]
  • Former) Amazon Web Services - DevOps Consultant [Seoul/Melbourne, KR/AU]
  • Current) One of Australia's top four banks - Grappling with defining DORA metrics and implementing a scalable CI structure using DevOps... [Melbourne, AU]

Q&A 💬

Q. When implementing CI, can't you just install Jenkins, enter the build command, and deploy it?

The goal of CI implementation isn't just to automate builds. Its purpose is to automate and review builds, tests, and organizational security/compliance requirements that may arise throughout the entire software supply chain, ensuring reliable artifacts are passed on to the CD team.

Q. I see you use a lot of software. Do I need any basic knowledge about it?

In this lecture, we will explain the purpose and method of use of the software used, and proceed with the process of integrating it with CI.

Q. How important is this part when building a career in DevOps?

In DevOps-related positions, CI/CD is a fundamental requirement, and questions about CI often ask for ideas or experience on how to structure pipelines. Pipeline flow and gated commits are crucial perspectives, and this lecture covers these aspects.

💾 Things to note before taking the class
The following PC specifications and service versions are required for this tutorial:

  • CPU: 4 cores or more x86-64/amd64 series
  • Memory 8GB or more, Storage 30GB or more
  • Kubernetes 1.21 or later, Helm 3.8 or later
  • The lectures will be conducted using software build tools, IaC (Terraform, Kubernetes, Helm), shell scripts, etc., but you can still follow the lectures even if you do not have basic knowledge of these.
  • For course materials, please refer to the notes at the bottom of the [Section 2 - Installing SigNoz] course. All source code used in this lecture is available via a GitHub repository. Access via the Google Form link may take up to 48 hours to be approved, and you are prohibited from sharing the source code or content of this lecture with others.

Who is this course right for?

  • For those of you who are curious about how to structure content within CI

  • For those who are completely new to GitHub Actions and want to gain basic knowledge

  • For those of you who are curious about how CI is configured in a Microservice Architecture

  • For those of you wondering how DevSecOps is configured in CI

What do you need to know before starting?

  • Shell Scripts

  • How to install Kubernetes environment, how to set up Minikube or EKS/GKE/AKS

  • How to install the Helm command

Curriculum

20 lectures ∙ (6hr 34min)

Reviews

3 reviews

5.0

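  • Jeongyeol Lee

    Reviews 6

    Average Rating 5.0

    5

    100% enrolled

    I think this lecture presents a realistic starting point for Continuous Integration that development teams must implement in practice. Beyond simply running builds and unit tests, it condenses examples of, and the process for, configuring a gated check-in that includes static analysis, security, signing and publishing, and feedback. This prevents unnecessary faulty code from spreading into the source code, and I naturally came to expect that the development team's collaboration would improve effectively as a result. (Really, throughout the lecture I was itching to refactor the CI process I currently manage, haha.) Above all, it is easy to get lost when going through so many complex steps, so thank you very much for using the SLSA Framework to summarize what was covered in the course and to point out the direction for further improvement. If you are taking this course for the first time, it might be a good idea to listen to the very last session, 'Summary through SLSA Framework', right after the first Overview and then start.

  • 엄상인

    Reviews 2

    Average Rating 5.0

    5

    30% enrolled

  • Steven J.S Min

    Reviews 1

    Average Rating 5.0

    5

    100% enrolled

    The systems I currently develop and operate are legacy systems running in the company's data center, so some parts of this course were difficult for me to follow. However, seeing the integration between the various systems and the new development patterns introduced in this course, there was a lot to learn beyond GitHub Actions. Unlike a typical 101 course, each comment drawn from rich experience was stimulating and helpful, and I am grateful for that. GitHub Actions is going to be applied to the GHE that I will be managing, and I think this will help a lot. Thank you.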

        $152.90
