SHIP-HATS Advanced for DevSecOps Engineers

Join SHIP-HATS Waitlist for updates
Enquiry
Programme Code D292
Domain
Applications Development
Level
Foundation
Learning Partner(s)
GovTech
Duration
1 Day
Format In-person
Rating
Competencies
DevOps Methodologies
Job Roles
Software Engineer DevOps Engineer Solutions Architect Systems Engineer

Overview

Elevate your skills with the Advanced SHIP-HATS Training, tailored for DevSecOps engineers seeking to master secure, scalable software delivery pipelines. Focused on an "Everything as Code" philosophy, this hands-on course empowers you to leverage SHIP-HATS End-to-End (e2e) templates for CI/CD, infrastructure as code, compliance, and secure application development.

Discover advanced SHIP-HATS architecture concepts, from secure access control to GitLab runners and private link endpoints. Gain expertise in implementing automated testing, application security, license risk mitigation, and compliance integration through real-world scenarios.

Explore the latest AI-powered tools, including chatbots and copilots, to boost coding efficiency and security. Dive into forward-looking practices like GCC+ standards, SLSA frameworks, and self-service techniques using robust documentation and chatbots. Through engaging hands-on exercises, build and deploy a Python web application, integrate security tools, and apply compliance frameworks. Get ready to accelerate delivery timelines while ensuring top-notch security and quality.

Key Takeaways

At the end of this programme, you will be able to:

  • Gain hands-on experience with SHIP-HATS End-to-End (e2e) templates for CI/CD, infrastructure as code, and project management as code, understanding the design rationale behind these templates
  • Build and deploy a Python web application with compliance frameworks integrated into pipelines
  • Understand and implement compliance frameworks, including applying webapp-compliance to example pipelines
  •  Ensure secure and scalable solutions, explore architecture concepts, including AWS VPC Endpoint, private link configurations, runners, and GitLab groups
  • Enhance pipeline quality using automated testing, license risk management, application security, and compliance monitoring
  • Utilise frameworks like SLSA to secure the software supply chain and ensure artifact integrity
  • Explore AI-powered tools such as chatbots and copilots to optimise code execution and security practices
  • Stay informed about upcoming capabilities, such as GCC+ integration in SHIP-HATS and to prepare for future advancements

Who Should Attend

  • Please refer to the job roles section.

This programme will cover the following topics:

Overview:

  • DevSecOps for Singapore Government
  • Introducing SHIP-HATS 2.0
  • SHIP-HATS features
  • Inner-sourcing & metrics

Tools:

  • Hello World on GitLab
  • SHIP-HATS resources

Configuring a CI/CD Pipeline:

  • 6 Checkpoints: Copy template, Build, Test, Deploy, Runtime test, Publish

Compliance Framework:

  • Compliance checkpoint

Alternative Tools:

  • FOD Demo
  • Additional Resources 
Complimentary.

Upcoming Classes

Class 1
25 Feb 2025 to 25 Feb 2025 (Full Time)
Duration: 1 day
When: Feb - 25
Time : 9:00am - 5:00pm

1. For GovTechies:

Please register via Workday.

2. For Other WOG officers:

Please obtain necessary approvals from your agency’s internal training request/HR system. Do share this Agency-Sponsored Registration Form with your relevant HR/L&D colleague. Upon completion of details, attach the file to submit via FormSG. Learn more about DA’s registration for WOG public service officers.

3. For Vendors Appointed by Government Agencies:

Please engage your Government Agency's Subscription Admin (SA) to fill in the Vendor Registration Form. Upon completion of details, please attach the file and submit via Form.sg. Do note that direct submissions by Vendors will not be accepted.