Skip to content

Feature/lab11#902

Open
KsAKarpeeva73 wants to merge 40 commits into
inno-devops-labs:mainfrom
KsAKarpeeva73:feature/lab11
Open

Feature/lab11#902
KsAKarpeeva73 wants to merge 40 commits into
inno-devops-labs:mainfrom
KsAKarpeeva73:feature/lab11

Conversation

@KsAKarpeeva73
Copy link
Copy Markdown

@KsAKarpeeva73 KsAKarpeeva73 commented May 15, 2026

Goal

Finish Lab 11 by demonstrating reproducible builds with Nix, reproducible Docker images, and modern Nix Flakes.

Changes

  • Added labs/submission11.md with Nix build results and analysis
  • Added a simple Go application for reproducible build testing
  • Added default.nix for building the Go binary with Nix
  • Added docker.nix for building a reproducible Docker image with dockerTools
  • Added traditional Dockerfiles for comparison
  • Added flake.nix and flake.lock for the bonus Flakes task
  • Documented store paths, SHA256 hashes, Docker image IDs, image sizes, and layer history
  • Included screenshots proving reproducibility and build results

Testing

  • Nix installation was verified
  • Go application builds successfully with Nix
  • Repeated Nix builds produced identical store paths
  • Repeated Nix builds produced identical binary hashes
  • Traditional Docker builds were compared against Nix builds
  • Nix-built Docker image produced identical store paths and tarball hashes
  • Docker image sizes and layer histories were compared
  • Flake-based builds were tested
  • Development shell was verified with nix develop
  • Documentation is complete and updated

Lab Checklist

Platform: GitHub

  • Task 1 — Build Reproducible Artifacts from Scratch
  • Task 2 — Reproducible Docker Images with Nix
  • Bonus Task — Modern Nix with Flakes

KsAKarpeeva73 and others added 30 commits February 4, 2026 20:43
@KsAKarpeeva73
docs: add commit signing summary
990680f
@KsAKarpeeva73
finish 1 task
99e184b
@KsAKarpeeva73
chore: add PR template
c9679b3
@KsAKarpeeva73
finish 2 task
4a33850
@KsAKarpeeva73
Merge pull request #1 from KsAKarpeeva73/feature/lab1
ad54f82 
Feature/lab1
@KsAKarpeeva73
Add test file
1373a59
@KsAKarpeeva73
finish 1 task
e57a2d9
@KsAKarpeeva73
finish 2 task
fef7d67
@KsAKarpeeva73
finish 3 task
855b5d5
@KsAKarpeeva73
finish 4 task
bd20ea6
@KsAKarpeeva73
chore: add demo file for restore
f2a27d5
@KsAKarpeeva73
chore: update demo file
8b2b2d4
@KsAKarpeeva73
finish 5 task
8d6896b
@KsAKarpeeva73
fix 5 tasks
730a766
@KsAKarpeeva73
docs: add lab2 submission
3223a4b
@KsAKarpeeva73
Merge pull request #2 from KsAKarpeeva73/feature/lab2
299e463 
Feature/lab2
@KsAKarpeeva73
Merge branch 'inno-devops-labs:main' into main
c5a7d57
@KsAKarpeeva73
ci: add lab3 workflow (task1)
b2071cf
@KsAKarpeeva73
ci: move workflow to .github/workflows
2f63fe4
@KsAKarpeeva73
finish 1 task
de3cb42
@KsAKarpeeva73
ci: add workflow_dispatch and system info (task2)
f0619cf
@KsAKarpeeva73
ci: add lab3 workflow to main for manual runs
724eaae
@KsAKarpeeva73
finish lab
a800d1c
@KsAKarpeeva73
Merge pull request #3 from KsAKarpeeva73/feature/lab3
29d6fe0 
Feature/lab3
@KsAKarpeeva73
docs: add lab4 submission
6425551
@KsAKarpeeva73
Merge pull request #4 from KsAKarpeeva73/feature/lab4
ee7d724 
docs: add lab4 submission
@KsAKarpeeva73
finish 1 task
45bbd52
@KsAKarpeeva73
finish lab5
160af75
@KsAKarpeeva73
Merge pull request #5 from KsAKarpeeva73/feature/lab5
6b0641a 
Feature/lab5
@KsAKarpeeva73
docs: add lab6 submission
f99a185
@KsAKarpeeva73
Merge pull request #6 from KsAKarpeeva73/featurelab6
5d45224 
docs: add lab6 submission
@KsAKarpeeva73
finish 7 lab
793c3e2
@KsAKarpeeva73
Merge pull request #7 from KsAKarpeeva73/feature/lab7
eac9928 
finish 7 lab
@KsAKarpeeva73
fnish lab10
5e6ff21
@KsAKarpeeva73
Merge pull request #8 from KsAKarpeeva73/feature/lab10
199ddfa 
fnish lab10
@KsAKarpeeva73
docs: add lab8 submission
67b01e0
@KsAKarpeeva73
Merge pull request #9 from KsAKarpeeva73/feature/lab8
f28536c 
docs: add lab8 submission
@KsAKarpeeva73
docs: add lab9 submission
527a55e
@KsAKarpeeva73
Merge pull request #10 from KsAKarpeeva73/feature/lab9
1a2f7d6 
## Goal

Finish Lab 9 by performing DevSecOps security scans with OWASP ZAP and Trivy, then documenting the findings.

## Changes

- Added labs/submission9.md with DevSecOps scan results and analysis
- Ran OWASP ZAP baseline scan against OWASP Juice Shop
- Documented Medium risk web vulnerabilities and security headers status
- Ran Trivy scan for the bkimminich/juice-shop container image
- Documented HIGH and CRITICAL container vulnerabilities
- Added screenshots of ZAP report and Trivy findings
- Included analysis and CI/CD integration reflection

## Testing

- [x] OWASP Juice Shop was deployed and verified locally
- [x] OWASP ZAP baseline scan completed successfully
- [x] ZAP HTML report was generated and analyzed
- [x] Trivy container image scan completed successfully
- [x] HIGH and CRITICAL vulnerabilities were documented
- [x] Screenshots are included as evidence
- [x] Documentation is complete and updated

## Lab Checklist

- [x] Task 1 — Web Application Scanning with OWASP ZAP
- [x] Task 2 — Container Vulnerability Scanning with Trivy
@KsAKarpeeva73
docs: add lab11 submission
0664da6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@KsAKarpeeva73