TryHackme’s Advent of Cyber 2023 — Day 20Writeup

TryHackMe — DevSecOps [ Advent of Frostlings ]

Learning Objectives

• Learn about poisoned pipeline execution.
• Understand how to secure CI/CD pipelines.
• Get an introduction to secure software development lifecycles (SSDLC) & DevSecOps.
• Learn about CI/CD best practices.

Understanding GitLab and SDLC Concepts

GitLab serves as a collaborative and automated platform spanning the software development lifecycle (SDLC). The SDLC represents the structured framework outlining the various stages code undergoes, from conception and development to deployment. At its core, GitLab revolves around Git, a distributed version control system (VCS) managing code.

Key Components of GitLab:

1. Version Control System (VCS): This environment facilitates the tracking and management of codebase changes, promoting seamless collaboration and preserving project history and versioning.
2. CI/CD Pipelines: These pipelines automate building, testing, and deployment processes, ensuring consistent integration, testing, and delivery of code to specified environments (such as production or staging).