Skip to content

wendev27/DevSecOps-Learning-Lab

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

⚙️ DevSecOps Learning Lab

Learning by building.

A hands-on repository documenting my journey into DevSecOps through practical projects, experiments, and real-world software engineering practices.


📖 Overview

DevSecOps Learning Lab is my personal engineering playground where I explore the technologies, tools, and workflows used to build, secure, deploy, and maintain modern software systems.

Rather than simply following tutorials, this repository is organized as a collection of small hands-on projects. Each project focuses on solving a specific engineering problem while gradually building a complete understanding of modern software engineering and DevSecOps practices.

The goal is to learn each concept step by step, document what I learn, and eventually apply these skills to larger real-world projects such as SmartFlood V4, Gunita, and future production-ready applications.

This repository serves as both my learning journal and a record of my growth as I transition from building applications to understanding how software is securely developed, deployed, and operated in production environments.


🎯 Objectives

This repository was created to:

  • Learn DevOps and DevSecOps through hands-on projects.
  • Understand how modern software is built, deployed, and maintained.
  • Practice containerization using Docker.
  • Automate development workflows with CI/CD.
  • Explore cloud deployment strategies.
  • Learn secure software delivery practices.
  • Document engineering concepts and lessons learned.
  • Apply newly learned technologies to real-world projects.

🗺️ Learning Roadmap

✅ Phase 1 — Foundations

  • Linux Fundamentals
  • Git & GitHub Workflow
  • PNPM

🐳 Phase 2 — Containerization

  • Docker Fundamentals
  • Docker Images
  • Docker Containers
  • Docker Volumes
  • Docker Networks
  • Docker Compose
  • Multi-Container Applications

🚀 Phase 3 — CI/CD

  • GitHub Actions
  • Automated Testing
  • Continuous Integration
  • Continuous Deployment
  • Deployment Pipelines

🛡️ Phase 4 — DevSecOps

  • Environment Variables & Secrets Management
  • Dependency Scanning
  • Static Application Security Testing (SAST)
  • CodeQL
  • Trivy Container Scanning
  • Container Security
  • Secure CI/CD Pipelines
  • OWASP Security Practices

🌐 Phase 5 — Infrastructure

  • Nginx
  • Reverse Proxy
  • HTTPS
  • SSL Certificates

🗄️ Phase 6 — Databases & Caching

  • PostgreSQL
  • Redis
  • Database Backups
  • Database Migrations

📈 Phase 7 — Monitoring & Observability

  • Application Logging
  • Health Checks
  • Prometheus
  • Grafana
  • Metrics & Monitoring

☁️ Phase 8 — Cloud & Orchestration

  • Kubernetes
  • Helm
  • Cloud Deployment
  • Infrastructure Best Practices

📂 Repository Structure

DevSecOps-Learning-Lab/

01-linux/
02-git/
03-pnpm/
04-docker/
05-docker-compose/
06-github-actions/
07-ci-cd/
08-security/
09-nginx/
10-postgresql/
11-redis/
12-monitoring/
13-kubernetes/

docs/

README.md

Each directory contains small hands-on projects, experiments, notes, and documentation focused on a specific topic within the DevOps and DevSecOps roadmap.


📚 Learning Philosophy

This repository follows a simple learning process for every topic:

  1. Understand the problem.
  2. Learn the underlying concepts.
  3. Build a small hands-on project.
  4. Document what was learned.
  5. Apply the knowledge to a real project.

The goal is not simply to learn tools, but to understand why they exist, when they should be used, and how they work together in modern software engineering.


🔗 Applying What I Learn

The knowledge gained from this repository will be continuously applied to larger projects, including:

  • 🌊 SmartFlood V4
  • 📖 Gunita
  • 🔒 Future security-focused applications
  • ☁️ Cloud-native full-stack systems

This approach ensures that every concept learned is reinforced through practical implementation rather than isolated experimentation.


📚 Lessons Learned

Each mini project in this repository concludes with:

  • What problem does this technology solve?
  • Why does it exist?
  • How does it work?
  • When should it be used?
  • Challenges encountered during implementation.
  • How can it improve my real-world projects?

🚧 Current Status

🚀 Actively Learning

This repository is an ongoing learning journal documenting my progression through modern DevOps and DevSecOps practices.

As I continue learning, additional projects, documentation, and practical experiments will be added to demonstrate both my technical growth and my understanding of production-ready software engineering.

About

Learning DevSecOps one project at a time through practical experiments, documentation, and real-world software engineering workflows.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors