Feature/lab3 #449

Open
ellilin wants to merge 5 commits into inno-devops-labs:main from ellilin:feature/lab3

ellilin commented Feb 23, 2026

Goal

Complete Lab 3 - Secure Git implementation with SSH commit signing and
pre-commit secret scanning.

Changes

  • Configured SSH commit signing using ~/.ssh/keys/linka_github (RSA
    4096-bit)
  • Created .git/hooks/pre-commit hook integrating TruffleHog and
    Gitleaks via Docker
  • Added labs/submission3.md with comprehensive documentation for both
    tasks
  • All commits signed with SSH key

Testing

Task 1 - SSH Commit Signing:

  • ✅ Git configured with gpg.format=ssh and signing key
  • ✅ Created 2 signed commits (will show "Verified" badge on GitHub)
  • ✅ Email matches GitHub account (elechka.ku@gmail.com)

Task 2 - Pre-commit Secret Scanning:

  • ✅ Safe files: commit allowed (tested with test-safe.js)
  • ✅ Fake Stripe API key: commit blocked by Gitleaks
  • ✅ Hook correctly scans only staged files via Docker

Artifacts & Screenshots

  • Signed commits: 3d97235, 98e6866 (check for "Verified" badge on
    GitHub)
  • Pre-commit hook: .git/hooks/pre-commit (executable, 107 lines)
  • Full documentation: labs/submission3.md
  • Hook tested with TruffleHog v3.93.4 and Gitleaks latest

Checklist

  • Clear title following conventional commits (docs: add lab3 submission)
  • Documentation updated (labs/submission3.md)
  • No secrets or large temporary files included (verified by
    pre-commit hook)

Short version for PR description:

Lab 3 Submission

  • Task 1 — SSH commit signing setup + analysis
  • Task 2 — Pre-commit secret scanning setup (TruffleHog + Gitleaks)

See labs/submission3.md for full documentation.

Add a standardized pull request template with sections for Goal,
Changes, Testing, and Artifacts & Screenshots. Includes a checklist
to ensure quality submissions (conventional commits, documentation
updates, and no secrets/temporary files).

Complete triage report for OWASP Juice Shop deployment including:
- Scope & Asset information (v19.0.0)
- Environment details (macOS, Docker 28.3.3)
- Deployment verification with health checks
- Surface snapshot analysis
- Top 3 security risks identified
- PR template setup documentation
- GitHub community engagement section