Learning by building.
A hands-on repository documenting my journey into DevSecOps through practical projects, experiments, and real-world software engineering practices.
DevSecOps Learning Lab is my personal engineering playground where I explore the technologies, tools, and workflows used to build, secure, deploy, and maintain modern software systems.
Rather than simply following tutorials, this repository is organized as a collection of small hands-on projects. Each project focuses on solving a specific engineering problem while gradually building a complete understanding of modern software engineering and DevSecOps practices.
The goal is to learn each concept step by step, document what I learn, and eventually apply these skills to larger real-world projects such as SmartFlood V4, Gunita, and future production-ready applications.
This repository serves as both my learning journal and a record of my growth as I transition from building applications to understanding how software is securely developed, deployed, and operated in production environments.
This repository was created to:
- Learn DevOps and DevSecOps through hands-on projects.
- Understand how modern software is built, deployed, and maintained.
- Practice containerization using Docker.
- Automate development workflows with CI/CD.
- Explore cloud deployment strategies.
- Learn secure software delivery practices.
- Document engineering concepts and lessons learned.
- Apply newly learned technologies to real-world projects.
- Linux Fundamentals
- Git & GitHub Workflow
- PNPM
- Docker Fundamentals
- Docker Images
- Docker Containers
- Docker Volumes
- Docker Networks
- Docker Compose
- Multi-Container Applications
- GitHub Actions
- Automated Testing
- Continuous Integration
- Continuous Deployment
- Deployment Pipelines
- Environment Variables & Secrets Management
- Dependency Scanning
- Static Application Security Testing (SAST)
- CodeQL
- Trivy Container Scanning
- Container Security
- Secure CI/CD Pipelines
- OWASP Security Practices
- Nginx
- Reverse Proxy
- HTTPS
- SSL Certificates
- PostgreSQL
- Redis
- Database Backups
- Database Migrations
- Application Logging
- Health Checks
- Prometheus
- Grafana
- Metrics & Monitoring
- Kubernetes
- Helm
- Cloud Deployment
- Infrastructure Best Practices
DevSecOps-Learning-Lab/
01-linux/
02-git/
03-pnpm/
04-docker/
05-docker-compose/
06-github-actions/
07-ci-cd/
08-security/
09-nginx/
10-postgresql/
11-redis/
12-monitoring/
13-kubernetes/
docs/
README.md
Each directory contains small hands-on projects, experiments, notes, and documentation focused on a specific topic within the DevOps and DevSecOps roadmap.
This repository follows a simple learning process for every topic:
- Understand the problem.
- Learn the underlying concepts.
- Build a small hands-on project.
- Document what was learned.
- Apply the knowledge to a real project.
The goal is not simply to learn tools, but to understand why they exist, when they should be used, and how they work together in modern software engineering.
The knowledge gained from this repository will be continuously applied to larger projects, including:
- 🌊 SmartFlood V4
- 📖 Gunita
- 🔒 Future security-focused applications
- ☁️ Cloud-native full-stack systems
This approach ensures that every concept learned is reinforced through practical implementation rather than isolated experimentation.
Each mini project in this repository concludes with:
- What problem does this technology solve?
- Why does it exist?
- How does it work?
- When should it be used?
- Challenges encountered during implementation.
- How can it improve my real-world projects?
🚀 Actively Learning
This repository is an ongoing learning journal documenting my progression through modern DevOps and DevSecOps practices.
As I continue learning, additional projects, documentation, and practical experiments will be added to demonstrate both my technical growth and my understanding of production-ready software engineering.