1. Create the Environment
# Linux/macOS
python3 -m venv my_devsecops_env
2. Activate it
# Linux/macOS
source my_devsecops_env/bin/activate
# (You will see '(my_devsecops_env)' appear in your terminal prompt)
# Windows (cmd/PowerShell) uses the Scripts folder instead: my_devsecops_env\Scripts\activate
3. Install a library and verify
pip install requests
pip list  # Only shows 'requests', its own dependencies (urllib3, certifi, idna, charset-normalizer) and the basic tools such as pip
4. Deactivate
deactivate
pip list  # Shows your global system libraries (requests will be missing)
Lab 1: Troubleshooting Naming & Data Type “Crashes”
Objective: Learn to identify and fix common syntax and logic errors in Python scripts.
Scenario: A junior developer has written a script to track security vulnerabilities, but it is failing. You need to fix it.
The Broken Code:
1st_tool = "Bandit"
scanner-status = "Active"
total vulnerabilities = 5
print("Scanning with " + 1st_tool)
print("Vulnerabilities found: " + total vulnerabilities)
Task:
- Fix the variable naming violations (a name starting with a number, a name containing a hyphen, and a name containing a space). These three are SyntaxErrors: Python refuses to run the file at all, so the TypeError on the last line only shows up once they are fixed.
- Fix the TypeError when printing the vulnerabilities (type casting: total_vulnerabilities is an int and cannot be concatenated to a str; convert it with str(), or let an f-string do the conversion for you).
Solution (The Architect Way):
tool_01 = "Bandit"
scanner_status = "Active"
total_vulnerabilities = 5
# Using f-strings for clean output. The f-string calls str() on the int,
# so no explicit cast is needed; the explicit form would be
# "Vulnerabilities found: " + str(total_vulnerabilities)
print(f"Scanning with {tool_01}")
print(f"Vulnerabilities found: {total_vulnerabilities}")
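The lab fixes the three bad names by hand. As an added example (not part of the original lab), the script below checks candidate names against Python's own identifier rules, so you can test a name before it ever reaches the interpreter, and shows the str + int TypeError being raised and then handled with the explicit str() cast. The names in BROKEN_NAMES and FIXED_NAMES are taken from the lab; "class" is added to show the reserved-keyword case.

```python
# Added example: validate variable names and fix the str + int TypeError.
import keyword
from typing import Optional


def identifier_problem(name: str) -> Optional[str]:
    """Return a short reason why `name` is not a usable Python variable name,
    or None if it is fine. Covers the three mistakes from the broken script
    plus reserved keywords and any other illegal character."""
    if not name:
        return "empty name"
    if name[0].isdigit():
        return "starts with a digit"
    if "-" in name:
        return "contains a hyphen (Python reads this as subtraction)"
    if " " in name:
        return "contains a space"
    if keyword.iskeyword(name):
        return "is a reserved keyword"
    if not name.isidentifier():
        return "contains characters not allowed in identifiers"
    return None


def report_line(tool: str, count: int) -> str:
    """Build the status line with an f-string, which converts the int itself."""
    return f"Scanning with {tool}: {count} vulnerabilities found"


def demonstrate_type_error(count: int) -> str:
    """Trigger the lab's TypeError on purpose, then recover with an explicit cast."""
    try:
        return "Vulnerabilities found: " + count  # TypeError: can only concatenate str (not "int") to str
    except TypeError:
        return "Vulnerabilities found: " + str(count)


# Names from the lab's broken script, plus one keyword to show that case.
BROKEN_NAMES = ["1st_tool", "scanner-status", "total vulnerabilities", "class"]
FIXED_NAMES = ["tool_01", "scanner_status", "total_vulnerabilities"]

if __name__ == "__main__":
    for n in BROKEN_NAMES + FIXED_NAMES:
        print(f"{n!r}: {identifier_problem(n) or 'OK'}")
    print(report_line("Bandit", 5))
    print(demonstrate_type_error(5))
```

Run it as a script to see every name classified; identifier_problem() is also handy inside code generators or config loaders that turn user-supplied keys into Python names.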
Lab 2: The “Dependency Conflict” Simulation
Objective: Understand why venv is mandatory by intentionally breaking and then fixing a project environment.
Scenario: You have two DevSecOps scripts. Project A requires an old version of the requests library (2.10.0), but Project B requires a newer version (2.31.0). Installed globally, the second install would overwrite the first and silently break Project A.
Task:
- Step 1: Create a directory named project_a and another named project_b.
- Step 2: Inside project_a, create a venv, activate it, and run pip install requests==2.10.0.
- Step 3: Deactivate, then inside project_b create a separate venv, activate it, and run pip install requests==2.31.0.
- Step 4: Run pip list in both (with that project's venv activated) to verify that Project A's version did not change when you installed Project B's version.
Verification:
- With each venv activated, run python -c "import requests; print(requests.__version__)". You should see different numbers! Make sure the venv is active when you run it: outside a venv, python resolves to the system interpreter, which may have no requests at all or a third version.
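The one-liner above only prints a version number. As an added example (not part of the original lab), the script below answers the question a practitioner actually wants settled in each project directory: is a venv active, which interpreter is running, where would pip install into, and what version of the package (requests in the lab; the name is a parameter) would this interpreter import. The venv check relies on the documented behaviour that sys.prefix differs from sys.base_prefix inside a venv; the version lookup uses package metadata rather than importing the package.

```python
# Added example: report the active interpreter, venv status and installed
# package version, for running inside project_a and project_b.
import sys
import sysconfig
from importlib import metadata
from typing import Optional


def in_virtualenv() -> bool:
    """True when the running interpreter belongs to a venv.
    Inside a venv sys.prefix points at the venv directory while
    sys.base_prefix still points at the base installation; outside a venv
    the two are equal."""
    return sys.prefix != sys.base_prefix


def site_packages_dir() -> str:
    """Directory where pip installs pure-Python packages for this interpreter."""
    return sysconfig.get_paths()["purelib"]


def installed_version(dist_name: str) -> Optional[str]:
    """Installed version of a distribution, or None if it is not visible to
    this interpreter. Reads metadata only, so nothing from the package runs."""
    try:
        return metadata.version(dist_name)
    except metadata.PackageNotFoundError:
        return None


def env_report(dist_name: str) -> dict:
    """Everything needed to explain 'but it works on my machine'."""
    return {
        "executable": sys.executable,
        "in_venv": in_virtualenv(),
        "site_packages": site_packages_dir(),
        dist_name: installed_version(dist_name),
    }


if __name__ == "__main__":
    # Usage: python env_report.py [distribution-name]   (defaults to requests)
    name = sys.argv[1] if len(sys.argv) > 1 else "requests"
    for key, value in env_report(name).items():
        print(f"{key:14} {value}")
```

Run it once with project_a's venv active and once with project_b's: the executable and site_packages paths differ, both report in_venv True, and requests shows 2.10.0 in one and 2.31.0 in the other. Run it with no venv active and in_venv is False, which is the state you want a CI job to refuse to run in.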
Lab 3: Creating a Reproducible CI/CD Environment
Objective: Learn to “freeze” an environment so it can be recreated on any Linux server or GitHub Actions runner.
Scenario: You have finished developing a Python script for AWS IAM auditing. Now you need to hand it to your DevOps team to run in the pipeline.
Task:
- Create a virtual environment and activate it.
- Install the following DevSecOps libraries:
pip install boto3   # AWS SDK
pip install bandit  # Security linter
pip install safety  # Dependency checker
- The “Freeze” step: generate a requirements file:
pip freeze > requirements.txt
- The “Recreation” step: deactivate the current venv, create a brand new one called prod_env, and install everything using only the file:
python3 -m venv prod_env
source prod_env/bin/activate
pip install -r requirements.txt
Architect Tip: Check the requirements.txt file. You will see not just the 3 libraries you installed but also their sub-dependencies (botocore, urllib3 and so on), each pinned with == to the exact version that was resolved on your machine. That is what makes the recreation reproducible: the pipeline resolves nothing, it installs exactly what you tested against. Two caveats before calling it reproducible: the file pins package versions, not the Python interpreter or the platform, so keep those the same on the runner; and a version pin does not prove the downloaded archive is the one you tested, so for pipeline installs add per-package hashes to the file (for example with pip-tools' pip-compile --generate-hashes) and install with pip install --require-hashes -r requirements.txt.
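Both Lab 2 and Lab 3 come down to what is written in a requirements file: Lab 2 fails because two projects pin the same package to different versions, and Lab 3 only works if every line carries an exact == pin. As an added example (not part of the original labs), the script below parses requirement lines, reports the packages two projects pin differently, and lists anything in a supposed freeze file that is not exactly pinned. The three requirement texts are constructed sample input, not real pip freeze output from the lab machine, and the version numbers in them are illustrative.

```python
# Added example: detect cross-project pin conflicts (Lab 2) and audit a
# requirements file for missing exact pins (Lab 3).
import re
from typing import Dict, List, Tuple

# "name==version", allowing optional extras such as requests[security].
# Any other specifier (>=, ~=, none at all) counts as unpinned.
_PIN = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*==\s*([^\s;#]+)")
_NAME = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")


def normalize(name: str) -> str:
    """PEP 503 name normalization so Charset_Normalizer and charset-normalizer match."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_requirements(text: str) -> Dict[str, str]:
    """Map normalized package name -> pinned version ('' when not exactly pinned).
    Comments, blank lines and pip options such as '-r base.txt' are skipped."""
    reqs: Dict[str, str] = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue
        m = _PIN.match(line)
        if m:
            reqs[normalize(m.group(1))] = m.group(2)
        else:
            n = _NAME.match(line)
            if n:
                reqs[normalize(n.group(1))] = ""
    return reqs


def find_conflicts(a: Dict[str, str], b: Dict[str, str]) -> Dict[str, Tuple[str, str]]:
    """Packages that both sets pin, but to different versions: the Lab 2 situation."""
    return {
        name: (a[name], b[name])
        for name in a.keys() & b.keys()
        if a[name] and b[name] and a[name] != b[name]
    }


def unpinned(reqs: Dict[str, str]) -> List[str]:
    """Names without an exact == pin. A genuine pip freeze file returns []."""
    return sorted(name for name, version in reqs.items() if not version)


# Constructed sample input for the two labs.
PROJECT_A = "requests==2.10.0\n"
PROJECT_B = "requests==2.31.0\ncharset-normalizer==3.3.2\n"
FROZEN = """\
# constructed to look like pip freeze output: every line exactly pinned
boto3==1.34.0
botocore==1.34.0
bandit==1.7.7
safety==3.0.1
"""
LOOSE = "boto3>=1.30\nbandit\nsafety==3.0.1\n"  # hand-written, not frozen

if __name__ == "__main__":
    a, b = parse_requirements(PROJECT_A), parse_requirements(PROJECT_B)
    print("conflicts between project_a and project_b:", find_conflicts(a, b))
    print("unpinned in frozen file:", unpinned(parse_requirements(FROZEN)))
    print("unpinned in loose file: ", unpinned(parse_requirements(LOOSE)))
```

Feeding the real requirements.txt files of the two lab projects into parse_requirements() and find_conflicts() shows exactly why they cannot share one global site-packages, and running unpinned() on a file as a pipeline pre-check catches a hand-edited "requirements.txt" that would otherwise resolve to different versions on every run.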