D

devsecops

🛡️ K-Guard : Smart Maintenance Operator

🇫🇷 Français

K-Guard est un opérateur de maintenance intelligent conçu pour l'écosystème Kubernetes. Il assure la surveillance en temps réel et la remédiation automatique de mon infrastructure Cloud (Kamatera VPS sous Ubuntu) et de mon cluster k3s où sont installées mes applications. Elle permet en un coup d'oeil de voir l'état général de santé et de sécurité de mon cluster et permet d'assurer davantages sa résilience.

💻 Stack Technique : Python (FastAPI), Vue.js 3 (TypeScript), k3s, Docker, GitLab CI/CD.

🔍 Observabilité & Action : K-Guard ne se contente pas d'observer, il agit en pilotant l'API Kubernetes pour diagnostiquer et dépanner les applications (blog-devopsnotes, portfolio-portal).

🛡️ Sécurité Native : Scan profond des logs (Nginx/Docker) et audit de conformité SSL via Cert-Manager.

⚡ Self-Healing : Détection de dérive de configuration et redémarrage automatisé des services en cas de crash.

Et d'autres fonctonnalités qui arrivent progressivement...

---------------------------------------------------

🇺🇸 English

K-Guard is a smart maintenance operator tailored for Kubernetes. It provides real-time monitoring and automated remediation for my Kamatera Cloud / Ubuntu infrastructure and k3s cluster.It provides an at-a-glance overview of my cluster's overall health and security, further ensuring its resilience.

🚀 Observability in Motion : Beyond basic monitoring, K-Guard interacts with the Kubernetes API to diagnose and troubleshoot live applications.

🔐 Security-First : Deep log analysis (Nginx/Docker) and SSL compliance auditing powered by Cert-Manager.

🛠️ Automated Remediation : Features configuration drift detection and "self-healing" capabilities to ensure maximum uptime.

⚙️ Tech Stack : Python (FastAPI), Vue.js 3 (TypeScript), k3s, Docker, GitLab CI/CD.

About FreePlayground is my public engineering lab notebook and proof-of-work repo. It captures weekly progress across DevOps fundamentals, cloud, automation, and security, plus the projects and experiments I build along the way.

Probably the most modern and sophisticated insecure web application!

Clone of OWASP Juice Shop with GitLab branding and more.

Learn more by seeing our DevSecOps Tutorial

This POC evaluates the HUGO static site generator framework for potential adoption in our infrastructure documentation projects.

This platform is designed to simplify the resignation process by providing a structured and professional way to craft resignation letters.

The purpose of this POC is to perform a comprehensive proof of concept of the entire process, from development to deployment.

This platform takes a satirical approach to the HR system, offering a humorous yet insightful perspective on navigating salary negotiations and understanding the intricacies of workplace compensation.

This Git repository serves as a valuable resource for centralizing Kubernetes manifests and automating GitOps workflows using Argo CD.

A comprehensive mortgage calculator application written in Rust with a GUI. This tool helps you calculate monthly mortgage payments including principal, interest, property taxes, insurance, PMI, and HOA fees.

Used to showcase GitLab support for Rust.

Scans selected files for patterns stated in rules. This is used in order to find secrets you may have accidentally written to a file. This scanner is used to show how the GitLab vulnerability report can be populated by a custom scanner. You can see a demo of it in action be following the documentation in the Secret List project.

This basic note-taking application is used to showcase the different GitLab features around security and governance. To get started checkout the Full Tutorial Documentation.

Talk resources, demos, prompts

Hosted by @dnsmichi, guest: @mzille-ext

GitLab Duo Coffee Chat, hosted by @dnsmichi Guest: Michael Aigner, @tonka3000

A fully automated 13-stage DevSecOps CI/CD pipeline that integrates security, compliance, and cloud-native deployment using GitLab CI and Amazon EKS.

The pipeline demonstrates real-world DevSecOps practices including:

• SAST, dependency, container, IaC, and Kubernetes manifest scanning • SBOM generation (CycloneDX) • Automated POA&M creation mapped to NIST controls • Evidence packaging for compliance audits • Secure image push to Amazon ECR • Deployment and validation on Amazon EKS • Full run-to-completion behavior (lab mode) with findings documented rather than blocking

This project showcases an end-to-end secure software supply chain workflow suitable for: cloud engineering, DevOps, cybersecurity, and compliance automation demonstrations.

This repository provides a comprehensive, production-grade blueprint for a modern DevSecOps pipeline. It showcases the integration of GitLab CI/CD, Terraform, HashiCorp Vault, and various security tools to build, test, and deploy a containerized Python application to AWS securely and efficiently.

This Git repository serves as a valuable resource for managing Automations and associated scripts, like backups script, synchronization, etc.

SafeDep vet CI Component for policy driven vetting of open source dependencies.

A GitLab CI/CD pipeline that builds a hardened UBI9‑STIG Apache container, injects application content, and deploys the image to a local OpenShift cluster.