Week 07 — CI/CD, Security & Cloud Infrastructure
Harden and ship: CI/CD pipelines, container security, LLM security + guardrails, cloud compute basics, IaC, budgets, and event-driven systems.
Topics
| # | Topic | Focus |
|---|---|---|
| 1 | GitHub Actions Advanced | Matrix builds, reusable workflows, OIDC, secrets |
| 2 | Advanced Docker | Buildx, multi-platform, Trivy scanning |
| 3 | LLM Security — Offensive | Prompt injection, jailbreaks, exfiltration probes |
| 4 | LLM Safety — Defensive | Guardrails, filters, PII masking, hallucination checks |
| 5 | OWASP LLM Top 10 | Threats + mitigations |
| 6 | VMs & SSH | Compute Engine, tmux, rsync, port forwarding |
| 7 | Serverless Functions | Cloud Run, Lambda, Workers |
| 8 | IaC Basics (Terraform) | Providers, resources, state files |
| 9 | Cost Alerting & Budget Caps | Billing alerts, spend limits |
| 10 | Pub/Sub & Event-Driven | Pub/Sub, Kafka basics, fan-out |

Hands-on Lab (Labs + Capstones)
- Lab: Red-team your own API + add NeMo Guardrails
- Lab: Full CI/CD: build → scan → Artifact Registry → deploy to Cloud Run
Learning outcomes (dummy)
- Explain the core concepts in this week’s toolchain.
- Implement a small working prototype.
- Measure or validate results with at least one simple check.
Content status
All pages are placeholders right now. We’ll replace them with real notes later.