An interactive course to git

Overview

OperatorEquals' Sandbox Git Course!

Preface

This Git course is an ongoing project containing use cases that I've met (and still meet) while working in the IT industry as IT Security Consultant (e.g Code Auditor) and IT Security Engineer (SecDevOps - Infrascode guy and CI/CD guy), as well as an independent software and security tool Developer.

I struggled a lot learning Git (you can see my ongoing struggle in my Public Repos), yet it amazes me. The problem was always that as a newbie I never found a resource that actually helped me understand what I was doing, but only commands a guru wrote somewhere on StackExchange to someone having some problem that seemed close to mine.

What really happened and I learned Git is that after years, I failed in so many different ways that something clicked on my head. Unfortunately some of my failures were in Git repositories that I professionally maintained. And many of the failures were on the same scenarios:

  • I put EVERYTHING in one single commit - someone needs to git revert
  • I commited a Super Importand Production Secret - am I fired?

And after a million git rebase -i and force-pushes (some of them in branches I wasn't supposed to push), I figured that if I had some sandboxed repositories that recreated my problematic scenarios I would be able to fuck them up indefinitely and eventually succeed without spending hours on colleague Reviews and Q/A time. And if also there was a way that these sandboxed repositories could automatically examine my commits and -even poorly- give me some feedback, I would learn without asking about basics that I have missed, but make only targeted and well-educated questions!

I couldn't find such a resource anywhere on the Internet (very possible that I didn't search too well). So -when I felt mature enough- I made it!

How to Use

Attention: DO NOT browse this repository if you are NOT looking for challenge spoilers

This course comes with some Git repositories with names of challenge1.git, challenge2.git ... challengeN.git, hosted on Heroku using the code of this repository (later on that). To start a challenge you need to clone it. Then read its README.md and git log (mostly the commit that has a title starting with [Objectives]).

Example:

git clone https://git-interactive-course.herokuapp.com/challenge1.git
cd challenge1
cat README.md
git log

What you have to do to solve the challenge should be clear by then!

What is left is to create a new branch, do your magic and then git push origin to get the feedback from the Git Course Server. The Git Course Server checks each commit (message AND contents) for specific requirements, such as commit message conventions, expected code, file similarity, and others. Every challenge has a dedicated script checking pushed commits, as each time the objectives are different and need to be checked in specific ways.

If a commit (or the whole diff) does not pass the tests, an informative message with the commit hash appears as a result of git push and the upstream changes are discarded. You can git push your changes forever and check every part of your solution. There is no "final" push - it is no exam. It is a sandbox!

Finally, there is no scoring, no leaderboard and no logs of what you do! Learning sometimes takes suffering and frustration and watching people suffer or rewarding frustration points has never worked as a teaching experience for me.

The Challenges

The implemented challenges up to now are:

Challenge 1 - Commit Message conventions

This challenge asks the solver to write about 5 super-simple lines of Python code (as this is no coding course) and commit the changes using the commit message convention already used in the repository. It is a warming up challenge, yet it shows the importance of adopting the style of something already present before us, which is the case when joining software organisations.

git clone https://git-interactive-course.herokuapp.com/challenge1.git

Challenge 2 - Atomic Commits

This challenge asks the solver to split an already existing commit to 2 commits. This involves rewriting history. The given commit is bloated in a sense that contains changes that implement more than one feature, violating the principle of 1 thing per commit. When maintaining big codebases, a change can always lead to a bug - sometimes a Prod breaking one or a Security bug. Ensuring that the bug resides in exactly one (well documented on why it happened) commit is essential in reverting the repository to a previous working state without side-affecting other useful changes.

git clone https://git-interactive-course.herokuapp.com/challenge2.git

Challenge 3 - The Secret in the History

This challenge asks the solver completely remove a secret value commited in the Git repository. The secret has been added as a feature, and has been followed by other commits, rendering it a bit low in commit history. This is a very common use cases that requires rewriting history. Solving such a challenge does give great insight not only on correctly managing secrets in code, but also on how to undo changes long down in the git log.

git clone https://git-interactive-course.herokuapp.com/challenge3.git

More to come...

Run Locally

If you feel like hosting the whole project on your premises you can easily do so using Containers. There are two Git repository connectivity options, the http and the ssh. The Makefile residing in this repository will create a container image by just issuing make image - the TYPE parameter accepts both ssh and http(default), and from there the sky is the limit!

You can go with docker run ... or even use Kubernetes and host it company-wide for a training session, or anything that runs containers basically.

Feedback and Dev-Mode

This is an Open-Source Project hosted on Free services and under Public Domain. Any feedback on it, such as bugs on challenge checks or repositories, recommendations for new challenges, typos and all else, are all welcome under the Issues section of this repository. Also Pull Requests are very welcome and will be greatly appreciated!

This Repository

Creating a Git course and explaining techniques and best-practices in a repository that does not use them itself does not make sense. So this Git repository follows Git message conventions and does have atomic commits (as much as possible). Also, in case you go Dev-mode you can ALWAYS find information on commit messages! Writing the commit message sometimes takes as much as the code itself. Also, they are all writen with explaining to others (+ future self) everything that is getting done and why in mind.

Implementation

The challenge feedback is solely based on the Git mechanism of Server-Side hooks. Specifically, update is used for branch-protection and post-update for the challenge checks. The challenge checks are implemented in Python3 using PyGit2 to programmatically inspect Git objects (analyze commits, diffs, refs/branches, etc).

A small Python3 module is sloppily getting developed for generic commit checks (gitcourselib.py) that could maybe be used independently.

Git Transports that are supported are ssh and http, implemented with basic OpenSSH with git-shell startup shell for ssh and a custom Apache2 configuration for http. All parts of the implementation are Open-Source and available under deploy/.

Donations

In case my work helped you, you can always buy me a beer or a liter of gas through the Internet or in case you meet me personally. In the second case we can talk about privacy (during drinking the beer or driving somewhere), about the funny idea that Git resembles the Human Psychology, about self-organized communes or anything you bring up :)

donation

Owner
John Torakis
The men don't know but the lil' girls understand
John Torakis
A professional version for LBS

呐 Yuki Pro~ 懒兵服御用版本,yuki小姐觉得没必要单独造一个仓库,但懒兵觉得有必要并强制执行 将na-yuki框架抽象为模块,功能拆分为独立脚本,使用脚本注释器使其作为py运行 文件结构: na_yuki_pro_example.py 是一个说明脚本,用来直观展示na,yuki! Pro

1 Dec 21, 2021
My repository for the Advent of Code, starting from 2021

Advent of Code This is my repository for the Advent of Code (https://adventofcode.com/), starting from 2021. File Structure Inside each year folder, s

Yu-Ting 6 Dec 15, 2021
EasyBuild is a software build and installation framework that allows you to manage (scientific) software on High Performance Computing (HPC) systems in an efficient way.

EasyBuild is a software build and installation framework that allows you to manage (scientific) software on High Performance Computing (HPC) systems in an efficient way.

EasyBuild community 87 Dec 27, 2022
Hack CMU Go Local Project

GoLocal A submission for the annual HackCMU Hackathon. We built a website which connects shopper with local businesses. The goal is to drive consumers

2 Oct 02, 2021
[x]it! support for working with todo and check list files in Sublime Text

[x]it! for Sublime Text This Sublime Package provides syntax-highlighting, shortcuts, and auto-completions for [x]it! files. Features Syntax highlight

Jan Heuermann 18 Sep 19, 2022
pvaPy provides Python bindings for EPICS pvAccess

PvaPy - PvAccess for Python The PvaPy package is a Python API for EPICS7. It supports both PVA and CA providers, all standard EPICS7 types (structures

EPICS Base 25 Dec 05, 2022
A python script for combining multiple native SU2 format meshes into one mesh file for multi-zone simulations.

A python script for combining multiple native SU2 format meshes into one mesh file for multi-zone simulations.

MKursatUzuner 1 Jan 20, 2022
Craxk is a SINGLE AND NON-REPLICABLE Hash that uses data from the hardware where it is executed to form a hash that can only be reproduced by a single machine.

What is Craxk ? Craxk is a UNIQUE AND NON-REPLICABLE Hash that uses data from the hardware where it is executed to form a hash that can only be reprod

5 Jun 19, 2021
ARK sõidueksami Matrixi bot

ARK Sõidueksami bot Küsib ARK-i lehelt uusimad eksami ajad ja saadab sõnumi Matrixi kanali Dev setup Linux python3 -m venv venv source venv/bin/activa

Arti Zirk 3 Jun 15, 2021
Improve current data preprocessing for FTM's WOB data to analyze Shell and Dutch Governmental contacts.

We're the hackathon leftovers, but we are Too Good To Go ;-). A repo by Lukas Schubotz and Raymon van Dinter. We aim to improve current data preprocessing for FTM's WOB data to analyze Shell and Dutc

ASReview hackathon for Follow the Money 5 Dec 09, 2021
Coded in Python 3 - I make for education, easily clone simple website.

Simple Website Cloner - Single Page Coded in Python 3 - I make for education, easily clone simple website. How to use ? Install Python 3 first. Instal

Phạm Đức Thanh 2 Jan 13, 2022
Find your desired product in Digikala using this app.

Digikala Search Find your desired product in Digikala using this app. با این برنامه محصول مورد نظر خود را در دیجیکالا پیدا کنید. About me Full name: M

Matin Ardestani 17 Sep 15, 2022
This tool for beginner and help those people they gather information about Email Header Analysis, Instagram Information, Instagram Username Check, Ip Information, Phone Number Information, Port Scan

This tool for beginner and help those people they gather information about Email Header Analysis, Instagram Information, Instagram Username Check, Ip Information, Phone Number Information, Port Scan.

cb-kali 5 Feb 18, 2022
Python-Kite: Simple python code to make kite pattern

Python-Kite Simple python code to make kite pattern. Getting Started These instr

Anoint 0 Mar 22, 2022
Up to date simple useragent faker with real world database

fake-useragent info: Up to date simple useragent faker with real world database Features grabs up to date useragent from useragentstring.com randomize

Victor K. 2.9k Jan 04, 2023
Скрипт позволяет заводить задачи в Панель мониторинга YouTrack на основе парсинга сайта safe-surf.ru

Скрипт позволяет заводить задачи в Панель мониторинга YouTrack на основе парсинга сайта safe-surf.ru

Bad_karma 3 Feb 12, 2022
Writeup and scripts for the 2021 malwarebytes crackme

Malwarebytes Crackme 2021 Tools and environment setup We will be doing this analysis in a Windows 10 VM with the flare-vm tools installed. Most of the

Jerome Leow 9 Dec 02, 2022
An Notifier Program that Notifies you to relax your eyes Every 15 Minutes👀

Every 15 Minutes ⌛ Every 15 Minutes is an application that is used to Notify you to Relax your eyes Every 15 Minutes, This is fully made with Python a

FSP Gang s' YT 2 Oct 18, 2021
A simple script that can watch a list of directories for change and does some action

plot_watcher A simple script that can watch a list of directories and does some action when a specific kind of change happens In its current implement

Charaf Errachidi 12 Sep 10, 2021
This python application let you check for new announcements from MMLS, take attendance while your lecturer is sharing QR Code on the screen.

This python application let you check for new announcements from MMLS, take attendance while your lecturer is sharing QR Code on the screen.

wyhong3103 5 Jul 17, 2022