Klagarge/MSE-CyberSec-DevSecOps
1
0
Fork 0
Code Issues Pull Requests Releases Activity
Files
be3db6e6057e132dfa92e20016e54bb934f01069
MSE-CyberSec-DevSecOps/docs/questions-part1.md
Michael Mäder ec709475c0 setup season 2425 with first part of the questions
2025-03-10 09:09:00 +01:00

992 B
Raw Blame History

Questions - Part 1

Unit tests - Secret keys - Linter - optimized CI/CD pipeline

  • Q1.1: Provide additional unit tests to ensure that wrong input (type, values, ...) doesn't crash the application, but gets intercepted and produce a controlled error. It is possible that you have also to adjust slightly the application
  • Q1.2: The secret key for flask is hard coded. Is this good practice? What are the dangers? How could this be fixed?
  • Q1.3: Give a short description of Linter. Integrate a basic linter like Flake8 or Ruff in the existing CI/CD pipeline
  • Q1.4 (optional): The run of the current CI/CD pipeline takes some time. Especially the time to setup the docker with the update and installation of all the dependencies is quite time consuming compared to the real testing time. Do you see any alternatives to speed up this process? Describe and try to implement it in your pipeline.