DevSecOps Tutorial for Beginners | CI Pipeline with GitHub Actions and Docker Scout

Поделиться
HTML-код
  • Опубликовано: 24 дек 2024

Комментарии • 73

  • @TechWorldwithNana
    @TechWorldwithNana  Год назад +25

    What is your experience in DevSecOps? Have you already encountered it in any of your projects? 🤔
    If this tutorial was helpful for you, definitely would appreciate if you like and share it😊💙

  • @yktronix9959
    @yktronix9959 11 месяцев назад +33

    Dear Nana, I have been working since June 2022 as a DevOps Engineer and I achieved it thanks to your invaluable videos and courses.
    I have an 18-year-old daughter who is training in IT studying with your videos.
    It makes me very happy that you are about to reach one million subscribers.
    You deserve it.
    Thank you for everything you offer to the community.
    God bless you.

    • @TechWorldwithNana
      @TechWorldwithNana  11 месяцев назад +7

      Thank you for sharing this, such messages mean a lot 😊 It's so great to hear that your daughter is pursuing a career in IT too! All the best to you and your daughter! 💙

  • @lbf5984
    @lbf5984 Год назад +8

    I am in procurement and we contract out a lot of DevSecOps Engineers, appreciate learning what they actually do!

  • @willst101
    @willst101 Год назад +16

    Thank you Nana for even more awesome content. You are a treasure to the DevOps/DevSecOps community!

  • @mo.dia97
    @mo.dia97 Год назад +12

    That's very kind of you to provide the DevSecOps Tutorial fundamentals before enrolling in the course "Which I highly recommend❤" Thank you nana for your hard work you always make our life easier

  • @chakravarthyk9921
    @chakravarthyk9921 6 месяцев назад +1

    Hi Nana im working as a Principal Architect for DevOps, i strongly recommended your channel and videos to our new joiners .. Loved the way of connecting the dots. Thank you so much for making our DevSecOps Journey easier.

  • @ScottMooreConsultingLLC
    @ScottMooreConsultingLLC Год назад +1

    Great tutorial. Now can you do one on DevPerfOps? Since both security and performance are only operational requirements within development, if Security gets its own silo designation within DevOps, Performance should as well.

  • @jacobphillips9235
    @jacobphillips9235 Год назад +2

    Thanks!

  • @tdjtomas
    @tdjtomas Год назад +5

    Very clear explanation from Nana! Thank you!

  • @vpunde1
    @vpunde1 7 месяцев назад +1

    Tbh,, One of the best explanation in detailed simple words which make you understand the concept thoroughly . i will Definitely look after the entire course.. and recommended to my peers too.. thank you Nana..!😊

  • @9876rabi123456789
    @9876rabi123456789 Год назад +2

    Very, very happy to see you again😊😊😊😊😊😊😊😊😊

  • @thomash.8297
    @thomash.8297 Год назад +4

    Thanks for this Tutorial! Perfect for beginners.

  • @erionomeri007
    @erionomeri007 Год назад +6

    Very nice and to the point DevSecOps tutorial. Always enjoy your work, thanks and best wishes on the future ones.

  • @Kojo-l6d
    @Kojo-l6d 7 месяцев назад +1

    If you run into an issue where the "Docker Setup" Fails - In the Dockerfile on line 8 change dnsutils 'deb10u9' > 'deb10u10' and the pipeline should not fail building the image 53:24

  • @niksatan
    @niksatan Год назад +2

    Nana, unbelivable, I just today was thinking about this!

  • @tamishverma2261
    @tamishverma2261 Год назад +1

    Extremely good and awesome to get basic understanding

  • @Learn_IT_with_Azizul
    @Learn_IT_with_Azizul Год назад

    very useful. But, any full project helps lots to face the job interview in DevsecOps. Hopefully, more contents coming from your end. Thank You

  • @arab01001
    @arab01001 2 месяца назад +1

    I love you so much!!!!! You're saving my future!

  • @codewithtresor
    @codewithtresor Год назад +1

    best video, i start now to learn a DevOps. your videos is interesting and important for me, thanks you so much.

  • @sagarahire-ys3uj
    @sagarahire-ys3uj Год назад +2

    Awesome as always but must say takes big heart to release such content for free...Appreciate ur efforts

  • @thedeparted_one
    @thedeparted_one Год назад +1

    Nana is so awesome!

  • @zenobikraweznick
    @zenobikraweznick Год назад +3

    Amazing , high quality stuff, thank you!

  • @TamilTV2
    @TamilTV2 11 месяцев назад +1

    Excellent.. Effortless... very useful..

  • @SilentSolution
    @SilentSolution Год назад

    Indeed it was really nice video and information. Thanks for your cooperation .

  • @heikoavalos1423
    @heikoavalos1423 Год назад +2

    Thank you for this wonderful content, there's a lot of concepts that I can start to incorporate into my knowledge base

  • @ZufarExplained
    @ZufarExplained Год назад +5

    Great video, thank you!

  • @AungBaw
    @AungBaw Год назад +1

    Thank you for this teaser.

  • @alberthien3720
    @alberthien3720 Год назад +3

    Great job keep it up ❤

  • @samirowan9590
    @samirowan9590 Месяц назад

    Impressive, Thank you

  • @zenobikraweznick
    @zenobikraweznick Год назад

    29:40 - let's be paranoid for a moment, what if this bandit package is compromised already or has been tampered with (in such a way so that even maintainers do not know about it yet) and sends ALL your code to a 3rd party servers ? ;-)

  • @fazalhayat7848
    @fazalhayat7848 Год назад +1

    Good Work. Appreciate your work. Nine Work. Learnt a lot from you. Thank you.

  • @arozendojr
    @arozendojr Год назад

    Is it possible to place all requests, header and body between the microservices in Jaeger, without modifying the pod code?

  • @kareer4genz
    @kareer4genz Год назад +1

    Hi nana, can you make a video or guide paid projects for azure devops and devsecops, for hands-on experience

  • @shaunakkakade1325
    @shaunakkakade1325 Год назад

    Can you cover OPA Rego technology that pretty much achieves policy enforcement on Terraform Cloud configs? As an example, lets say you dont want to allow opening up firewall port 8182 for GCP firewall through Terraform for anyone. Without OPA, this was not much achievable as anyone can create PR and if somebody approves, it gets pushed to Prod. OPA will pretty much block that PR itself stating this isn't allowed.

  • @collinsm8263
    @collinsm8263 10 месяцев назад

    Awesome video. Please where and how can I get hold of your DevSecOps bootcamp material.?Thank you

  • @ISAF87
    @ISAF87 7 месяцев назад

    Big fan for testing and security. Here we have an annual pentest being done by a 3rd party. What is your take on 3rd party (software) doing the scanning of your codebase?
    That in itself is another attack vector, just like nuget packages used from 3rd parties.
    Do you validate who wrote the scanner, where they are located, what they are doing with the scanned sourcecode etc?

  • @johndoe20975
    @johndoe20975 Год назад +2

    Is it in plan to make Golang big course? thanks

  • @pavelulitin283
    @pavelulitin283 11 месяцев назад

    Regarding the pipeline.
    In the "Build Docker Image" step we build the image on the GitHub runner.
    In the next step of “Docker Scout Scan” we check the image in the remote repository.
    Can anyone tell me - shouldn't a push to the remote repository be performed between these two actions, so that later we can run a vulnerability check?
    Thanks in advance

  • @buildoncloud
    @buildoncloud 11 месяцев назад

    Hi Nana, thanks for this awesome course. What are you using to make these animation and slides?

  • @ransfordmensah4486
    @ransfordmensah4486 10 месяцев назад

    My scripted CI code could not commit changes, below was the error I encountered
    "There was an error committing your changes: File could not be edited"

  • @yuvaraniboopathy5530
    @yuvaraniboopathy5530 Год назад

    Hi Nana, I decided to switch my career from non-IT to IT, I have 4.5 years of experience in the non-IT healthcare (BPO) domain. I'm very versatile and proficient in my current job but still am not getting enough pay. so kindly advise what I need to start learning and where to start what are the important skills 1 must have to join into an IT career, and what are the fundamental stuff to crack an IT job interview, it's really confusing so many technology terms are there. I have all the spaces and resources to learn but the thing is the tech category has so much stuff like an ocean I only have a drop of water-level knowledge :(

    • @Dmitrii-Kalashnikov
      @Dmitrii-Kalashnikov 3 месяца назад

      Hi, I agree with you; it's the ocean, but you don't need to know everything; it's just essential. Transitioning from a non-IT healthcare role to an IT-focused position is not only viable but can also be highly advantageous given the rapid growth and technological integration within the healthcare industry. As healthcare increasingly relies on digital technologies, opportunities in Health IT, such as bioinformatics, software development, and DevOps, are expanding.
      1. Understanding Industry Growth: The Health IT sector is booming, driven by advancements in data analysis, machine learning, and the need for robust digital health solutions. This growth provides a fertile ground for careers like Bioinformatics Engineer, Health IT Developer, and DevOps Engineer, where you can leverage your healthcare knowledge to improve patient outcomes, streamline processes, and enhance data security.
      2. Essential Skills for Health IT Roles:
      Bioinformatics Engineer: Focus on statistical analysis, genetic data interpretation, and proficiency in programming languages like Python or R. Understanding of databases and machine learning is also beneficial.
      Health IT Developer: Strong foundation in programming languages such as Java, Python, or C#. Knowledge of healthcare regulations (like HIPAA in the U.S.) and experience with Electronic Health Records (EHR) systems can be significant advantages.
      DevOps Engineer in Health IT: Skills in automation tools (like Jenkins, Ansible, or Kubernetes), cloud services (AWS, Azure), and strong system administration knowledge are crucial. Understanding continuous integration and continuous deployment (CI/CD) pipelines and maintaining compliance with healthcare regulations are also important.
      3. Starting Your Transition:
      Educational Foundation: Begin with fundamental IT training, which might include basic programming courses, data structures, and algorithms. Online platforms like Coursera, edX, and Udemy offer courses tailored to healthcare IT.
      Certifications: Consider certifications that validate your IT skills and healthcare understanding, such as CompTIA Healthcare IT Technician, Certified Health Data Analyst (CHDA), or AWS Certified Solutions Architect for cloud-related roles.
      Practical Experience: Engage in projects or internships that allow you to apply IT solutions in a healthcare context. This could involve data analysis projects using public health datasets, contributing to open-source healthcare software, or implementing automation in existing healthcare workflows.
      4. Leveraging Your Background:
      Your existing knowledge of healthcare processes and terminology will be invaluable. Highlight how your background equips you to bridge the gap between clinical practices and IT solutions during interviews.
      5. Continuous Learning and Networking:
      Stay updated with the latest developments in both healthcare regulations and IT innovations. Join professional groups, attend workshops, and connect with professionals in the Health IT sector through platforms like LinkedIn.
      6. Preparing for Interviews:
      Be ready to discuss how your healthcare experience can be translated into IT solutions. Practice explaining technical concepts clearly and concisely, and be prepared to solve problem-based questions that may blend IT and healthcare scenarios.

  • @mahermostafa8245
    @mahermostafa8245 Год назад

    What about number of hours to certified in this track

  • @caodangtinh180889
    @caodangtinh180889 Год назад

    Nana, may I know the tool you used to create the presentation?

  • @kristof9497
    @kristof9497 Год назад +1

    Thank you

  • @Marsell88
    @Marsell88 Год назад

    sounds solid...

  • @rishiraj2548
    @rishiraj2548 Год назад +1

    Thanks

  • @arab01001
    @arab01001 2 месяца назад

    31:47

  • @arnaudfrancktaptuekuate5367
    @arnaudfrancktaptuekuate5367 Год назад

    Waiting for devsecops in azure devops 😂

  • @sunny_m
    @sunny_m Год назад

    This is more of Github Actions and workflows creation than devsecops.

  • @illegalsmirf
    @illegalsmirf Год назад +17

    All of this devops-derived stuff is really starting to sound ridiculous now.

    • @karthikjmoger478
      @karthikjmoger478 Год назад +2

      What? What's ridiculous in this. Don't look the title. Vice president in banks does engineering works. Look for the technology

    • @devinbartley5768
      @devinbartley5768 11 месяцев назад +7

      As a practitioner of DevHogDelSecOps specializing in optimizing operations to secure delivery of hogs across the tri-state region I resent this comment.

  • @3004atul
    @3004atul Год назад

    Please show your face also during tutorial it will enhance user view as beauty and brain combination is good.

  • @anassghir8577
    @anassghir8577 2 месяца назад

    I'm sorry but you don't explain good , there's a lot of ads in ur video, and ur way of explaining most like someone who reads a paper...