What you'll learn:
- Integrate SAST using SonarCloud (SaaS) in DevSecOps
- Integrate SAST using SonarQube in DevSecOps
- Integrate SCA scan using Snyk in Jenkins Pipeline
- Build, Scan & Push Docker Image to AWS ECR
- Deploy the Application (Docker Image) to EKS Cluster
- Configure and set up an AWS EKS Cluster
- Integrate DAST Scan using ZAP tool in Jenkins pipeline
- Implement Continuous Integration and Continuous Deployment with Jenkins Pipeline
DevSecOps stands for development, security, and operations. It is an extension of the DevOps practice.
This course will cover everything you need to know to get started and be successful in DevSecOps. It includes hands-on demos, walkthroughs, quizzes, and presentations.
The course provides downloadable source code and links to all the tools and websites mentioned so that you can use them in your local environment and follow along at your own pace.
Key topics covered are:
Module 1: Introduction to DevSecOps
Introduction to DevSecOps
Benefits of DevSecOps
DevSecOps vs. DevOps
Module 2: Overview of Maven Tool
Maven Lifecycle: Default, Clean & Site
Repositories used in Maven
Lab: Build the Spring Boot package in AWS Environment
Lab: Location of Artifacts & built package dependencies
Lab: Exploring pom.xml file
Lab: Access the package application
Lab: Exploring dependencies of a built package
Lab: Build Lifecycle
Lab: Create a Web Application Project Using Maven
Module 3: Integrate SAST using SonarCloud (Software as a Service - SaaS) in DevSecOps
Overview of SAST - Static Application Security Testing
Create a Jenkins Server
Install Maven, git, Java, Jenkins etc.
Configure Jenkins
Install suggested Plugins
Dashboard of Jenkins
Integrate Maven with Jenkins
Build the package - Spring Boot Maven Micro Project
Configure SonarCloud - cloud-based clean code
Add a stage to Compile and Run the Sonar Analysis in Jenkins Pipeline
Generate Security Tokens from SonarCloud
Sonar Code Analysis on Vulnerable Project (Bugs, Security issues)
Module 4: Integrate SAST using SonarQube in DevSecOps
Create a SonarQube Server
Run SonarQube Service
Access SonarQube Server via URL
Install SonarQube Scanner Plugins
Integrate SonarQube with Jenkins
Jenkins Pipeline - Sonar Quality Check 1
Jenkins Pipeline - Sonar Quality Check 2
Module 5: Integrate SCA scan using Snyk in Jenkins Pipeline
About Snyk tool and benefits
Install a CI server - Jenkins Server
Install Apache Maven on CI Server
Access the CI Server - Jenkins Server
Configure the Jenkins Server
Create an admin user account on Jenkins Server
Create an account on the Snyk tool
Add snyk-maven-plugin in pom.xml
Run SCA analysis using Snyk
SCA analysis report using Snyk
Module 6: Build, Scan & Push Docker Image to AWS ECR
Build, Scan & Push Docker Image (Application) to AWS ECR
Module 7: Deploy the Docker image to a server (Continuous Deployment)
Module 8: Deploy the Application (Docker Image) to EKS Cluster
Setup of AWS EKS Cluster
Create a Client to access EKS Cluster
Configure AWS CLI Credentials
Check Cluster status using CLI
Update kubeconfig file
Install Kubectl
Install Eksctl
Troubleshooting - invalid apiVersion error
Create Node group for EKS Cluster
Compute EKS Cluster
Add a new project in Jenkins Pipeline
Create and attach a role to EKS Client
Setup sshagent in Jenkins pipeline
Copy files from Jenkins server to EKS Client
Create a secret key
Troubleshooting
Execute the application manually
Add a stage to copy the pod deployment file
Run the final pipeline - complete CICD
Module 9: Integrate DAST Scan using ZAP tool in Jenkins pipeline
About ZAP tool
Add a stage in Jenkins Pipeline
Installation of ZAP tool
ZAP command
Add a stage to copy ZAP script in Jenkins Pipeline
Add a stage of DAST using ZAP tool in Jenkins Pipeline
Execute the Jenkins job for DAST Scan
Analyze the console logs of Jenkins Job
Access the ZAP report using web page
Delete the running EKS cluster
Module 10: Real-Time Project – Secure CI/CD Pipeline for Web Application Deployment
Course Overview
Create a GitHub repository for a Bingo application
Install Git Bash
Clone GitHub Repo Locally
Generate Access Token
Push Code to GitHub
Module 11: Set Up AWS Virtual Machine
VM Setup for Jenkins and SonarQube
Install Docker on SonarQube Server
Login to DockerHub from SonarQube Server
Deploy SonarQube with Docker
Access SonarQube via Port 9000
Set Up Jenkins
Access Jenkins via Port 8080
Customize Jenkins Setup
Module 12: Essential Jenkins Plugins
Required Plugins for Jenkins
Module 13: Integrate Tools with Jenkins
Configure JDK in Jenkins
Configure SonarQube Scanner in Jenkins
Configure Node.js in Jenkins
Configure Dependency-Check in Jenkins
Configure Docker in Jenkins
Module 14: Set Up Jenkins-SonarQube Integration
Jenkins and SonarQube Integration Setup
Overview of Webhook
Configure Webhook for Jenkins
Add SonarQube Server in Jenkins
Module 15: Jenkins Pipeline: Clean & Checkout Project
Create Jenkins Job to Clean Workspace
Add Checkout Stage in Pipeline
Module 16: SonarQube – Code Quality Tool for Cleaner Code
Add SonarQube Analysis Stage in Pipeline
SonarQube Analysis with withSonarQubeEnv
Run Jenkins Job and View SonarQube Report
Add waitForQualityGate Stage in Pipeline
Run Job to Verify waitForQualityGate
Module 17: Install Node.js Dependencies with npm
Add Stage to Install Node.js Dependencies
Module 18: OWASP – Security Testing Tool
Add Stage for OWASP Security Scan
Analyze OWASP Security Report
Module 19: Trivy Tool for Security Scanning
Add Stage for Trivy FS Scan
Explore Trivy Report
Module 20: Build and Push Docker Image to DockerHub
Understanding Docker Build
Add Stage to Build Docker Image for Node.js
Dockerfile to Build Docker Image
Run Job to Verify Docker Image
Push Docker Image to DockerHub
Module 21: Trivy – Scan Docker Image for Vulnerabilities
Add Stage to Scan Docker Image
Explore Trivy Scan Report
Module 22: Deploy Node.js Web Application
Add Stage to Deploy Docker Image
Access Node.js App via URL
Module 23: Domain Registration and SSL Setup
Register a Free Domain Name
Setting Up Nginx on Your Server
Update the DNS 'A' Record for Your Domain
Install and Configure SSL Certificate
Last lecture