inno-devops-labs · SrbskiDobrovilci · Jan 30, 2026 · Jan 30, 2026 · Jan 30, 2026 · Jan 30, 2026
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
@@ -0,0 +1,13 @@
+## Goal
+<!-- Brief description of what this PR accomplishes -->
+
+## Changes
+<!-- List or describe key modifications -->
+
+## Testing
+<!-- How this was verified (e.g., unit tests, manual testing steps) -->
+
+## Checklist
+- [ ] Clear, descriptive PR title
+- [ ] Documentation/submission updated (if needed)
+- [ ] No secrets or large temporary files committed
diff --git a/labs/image-1.png b/labs/image-1.png
diff --git a/labs/image.png b/labs/image.png
diff --git a/labs/submission1.md b/labs/submission1.md
@@ -0,0 +1,13 @@
+Answer: "Why is commit signing important in DevOps workflows?"
+Summary of Benefits:
+Signing commits cryptographically proves that each change originated from a trusted, specific developer. Using a GPG, SSH, or S/MIME key, it creates a verifiable signature attached to the commit. This process guarantees the integrity of the code history, ensuring that commits have not been tampered with after the fact and providing strong authentication of the author's identity. On platforms like GitHub, verified signatures are prominently marked, adding a layer of trust and transparency to the project's history.
+
+Importance in DevOps:
+In DevOps workflows, commit signing is crucial for security and compliance, particularly in automated CI/CD pipelines. It enforces a strong chain of custody for code changes, allowing automated systems to verify that each deployment originates from an authenticated source and has not been maliciously altered. This prevents unauthorized code from being promoted through the pipeline, directly supporting security requirements, audit trails, and the principle of least privilege in collaborative environments.
+
+Evidence of commiting via ssh:
+![alt text](image.png)
+
+Able to pull request 
+![alt text](image-1.png)
+