diff --git a/.DS_Store b/.DS_Store
new file mode 100644
index 00000000..8328d7bf
Binary files /dev/null and b/.DS_Store differ
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
new file mode 100644
index 00000000..8a0ac6ea
--- /dev/null
+++ b/.github/pull_request_template.md
@@ -0,0 +1,16 @@
+## Goal
+<!-- What problem does this PR solve? Link issue/task if any -->
+
+## Changes
+- 
+- 
+
+## Testing
+- [ ] Not tested (explain why)
+- [ ] Manual testing (describe)
+- [ ] Automated tests (list)
+
+### Checklist
+- [ ] Changes are small and focused
+- [ ] Code style/lint/build passes
+- [ ] Docs/README updated if needed
diff --git a/.github/workflows/lab3-ci.yml b/.github/workflows/lab3-ci.yml
new file mode 100644
index 00000000..5bf8c265
--- /dev/null
+++ b/.github/workflows/lab3-ci.yml
@@ -0,0 +1,39 @@
+name: Lab3 CI
+
+on:
+  push:
+  workflow_dispatch:
+
+jobs:
+  basic-info:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Print hello and context
+        run: |
+          echo "Hello from GitHub Actions!"
+          echo "Repository: $GITHUB_REPOSITORY"
+          echo "Branch/Ref: $GITHUB_REF"
+          echo "Actor: $GITHUB_ACTOR"
+          echo "SHA: $GITHUB_SHA"
+
+      - name: System information (OS/CPU/RAM/Disk)
+        run: |
+          echo "=== OS ==="
+          uname -a || true
+          cat /etc/os-release || true
+
+          echo "=== CPU ==="
+          lscpu || true
+
+          echo "=== Memory ==="
+          free -h || true
+
+          echo "=== Disk ==="
+          df -h || true
+
+          echo "=== Runner env ==="
+          echo "RUNNER_OS=$RUNNER_OS"
+          echo "RUNNER_ARCH=$RUNNER_ARCH"
+          echo "RUNNER_NAME=$RUNNER_NAME"
+          echo "RUNNER_TEMP=$RUNNER_TEMP"
+          echo "RUNNER_TOOL_CACHE=$RUNNER_TOOL_CACHE"
\ No newline at end of file
diff --git a/demo.txt b/demo.txt
new file mode 100644
index 00000000..fb188b9e
--- /dev/null
+++ b/demo.txt
@@ -0,0 +1 @@
+scratch
diff --git a/labs/image copy.png b/labs/image copy.png
new file mode 100644
index 00000000..df464a26
Binary files /dev/null and b/labs/image copy.png differ
diff --git a/labs/image.png b/labs/image.png
new file mode 100644
index 00000000..5dcdfeca
Binary files /dev/null and b/labs/image.png differ
diff --git a/labs/image0.png b/labs/image0.png
new file mode 100644
index 00000000..685c5fe3
Binary files /dev/null and b/labs/image0.png differ
diff --git a/labs/submission1.md b/labs/submission1.md
new file mode 100644
index 00000000..116413db
--- /dev/null
+++ b/labs/submission1.md
@@ -0,0 +1,16 @@
+## Task 1
+### Commit Signing Benefits:
+
+Commit signing helps to verify identity of developer who made the commit and ensures that code was not modified by unauthorized users. It increases trust in codebase and improves security.
+
+### Evidence of SSH Key Setup and Signed Commit
+
+- SSH key was successfully generated and added to GitHub
+- Git was configured to use SSH for commit signing
+- A signed commit was created using the -S flag
+- The commit shows a "Verified" badge on GitHub
+
+### Why is commit signing important in DevOps workflows?
+
+Commit signing guarantees authenticity and integrity of code changes. It prevents malicious contributions, ensures accountability, and helps teams to trust source of every commit in the repository.
+![alt text](image.png)
\ No newline at end of file
diff --git a/labs/submission2.md b/labs/submission2.md
new file mode 100644
index 00000000..8185b665
--- /dev/null
+++ b/labs/submission2.md
@@ -0,0 +1,433 @@
+# Task 1
+albertshm@MacBook-Air-Albert DevOps-Intro % git log --oneline -1
+
+c720480 (HEAD -> feature/lab2) Add test file
+albertshm@MacBook-Air-Albert DevOps-Intro % git cat-file -p HEAD
+
+tree b9bc0ecc4e06b9ebfda175ace5fd85a9cc33e5b8
+parent 9424916e48032572f167cec385ab16023d9f9359
+author Albert Shammasov <Shammasov.a21@gmail.com> 1770983890 +0300
+committer Albert Shammasov <Shammasov.a21@gmail.com> 1770983890 +0300
+gpgsig -----BEGIN SSH SIGNATURE-----
+ U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAg5yazcdub2z3gTfqqXwTihzKifb
+ 1TqPp1OIi7oBGo9W8AAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5
+ AAAAQFBmp7n9Q+F2VkFddg0p4mS98/7iztttOvCK53INpBkyIHhp6LlCY4fPIHFHxiHYAi
+ UwKjBkOjid+jidlsIeIQA=
+ -----END SSH SIGNATURE-----
+
+Add test file
+albertshm@MacBook-Air-Albert DevOps-Intro % git cat-file -p b9bc0ecc4e06b9ebfda175ace5fd85a9cc33e5b8
+100644 blob 8328d7bf1fdac3ffad894fda61ce1207030b436a    .DS_Store
+040000 tree a5a1a748b2459aae9d2ef7faf33a0849b3230f9d    .github
+100644 blob 6e60bebec0724892a7c82c52183d0a7b467cb6bb    README.md
+040000 tree a1061247fd38ef2a568735939f86af7b1000f83c    app
+040000 tree 8106b5b5c75cba237c859bafe2c709c8bf090c67    labs
+040000 tree d3fb3722b7a867a83efde73c57c49b5ab3e62c63    lectures
+100644 blob 2eec599a1130d2ff231309bb776d1989b97c6ab2    test.txt
+
+albertshm@MacBook-Air-Albert DevOps-Intro % git cat-file -p 2eec599a1130d2ff231309bb776d1989b97c6ab2
+
+Test content
+albertshm@MacBook-Air-Albert DevOps-Intro % git cat-file -p b9bc0ecc4e06b9ebfda175ace5fd85a9cc33e5b8
+
+100644 blob 8328d7bf1fdac3ffad894fda61ce1207030b436a    .DS_Store
+040000 tree a5a1a748b2459aae9d2ef7faf33a0849b3230f9d    .github
+100644 blob 6e60bebec0724892a7c82c52183d0a7b467cb6bb    README.md
+040000 tree a1061247fd38ef2a568735939f86af7b1000f83c    app
+040000 tree 8106b5b5c75cba237c859bafe2c709c8bf090c67    labs
+040000 tree d3fb3722b7a867a83efde73c57c49b5ab3e62c63    lectures
+100644 blob 2eec599a1130d2ff231309bb776d1989b97c6ab2    test.txt
+albertshm@MacBook-Air-Albert DevOps-Intro % git cat-file -p c720480
+
+tree b9bc0ecc4e06b9ebfda175ace5fd85a9cc33e5b8
+parent 9424916e48032572f167cec385ab16023d9f9359
+author Albert Shammasov <Shammasov.a21@gmail.com> 1770983890 +0300
+committer Albert Shammasov <Shammasov.a21@gmail.com> 1770983890 +0300
+gpgsig -----BEGIN SSH SIGNATURE-----
+ U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAg5yazcdub2z3gTfqqXwTihzKifb
+ 1TqPp1OIi7oBGo9W8AAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5
+ AAAAQFBmp7n9Q+F2VkFddg0p4mS98/7iztttOvCK53INpBkyIHhp6LlCY4fPIHFHxiHYAi
+ UwKjBkOjid+jidlsIeIQA=
+ -----END SSH SIGNATURE-----
+
+Add test file
+
+
+What each object type represents:
+
+Blob: Stores the actual content of a file (binary large object). It's the file's data without metadata like filename.
+
+Tree: Represents a directory - it lists filenames and links them to blob objects (for files) or other tree objects (for subdirectories).
+
+Commit: A snapshot of the entire repository at a point in time. It points to a root tree, stores metadata (author, date, message), and links to parent commits.
+
+How Git stores repository data:
+Git stores everything as objects in the .git/objects directory. Each object has a unique SHA-1 hash derived from its content. Blobs store file content, trees store directory structures, and commits tie everything together with metadata. This creates an immutable, content-addressable filesystem where the entire history is just a chain of these objects.
+
+Examples from my repository:
+
+Blob (2eec599): Contains the actual text "Test content" from test.txt
+
+Tree (b9bc0ec): Lists all files in the commit including test.txt, README.md, and directories like .github/, app/, labs/
+
+Commit (c720480): Contains tree hash b9bc0ec, parent hash 9424916, author/committer info, timestamp, and message "Add test file"
+
+# Task 2
+
+albertshm@MacBook-Air-Albert DevOps-Intro % git switch -c git-reset-practice
+
+Switched to a new branch 'git-reset-practice'
+albertshm@MacBook-Air-Albert DevOps-Intro % echo "First commit" > file.txt && git add file.txt && git commit -m "First commit"
+
+[git-reset-practice 86a724a] First commit
+ 1 file changed, 1 insertion(+)
+ create mode 100644 file.txt
+albertshm@MacBook-Air-Albert DevOps-Intro % echo "Second commit" >> file.txt && git add file.txt && git commit -m "Second commit"
+
+[git-reset-practice 59d40d7] Second commit
+ 1 file changed, 1 insertion(+)
+albertshm@MacBook-Air-Albert DevOps-Intro % echo "Third commit"  >> file.txt && git add file.txt && git commit -m "Third commit"
+
+[git-reset-practice d61b876] Third commit
+ 1 file changed, 1 insertion(+)
+albertshm@MacBook-Air-Albert DevOps-Intro % git reset --soft HEAD~1
+albertshm@MacBook-Air-Albert DevOps-Intro % git log --oneline      
+
+59d40d7 (HEAD -> git-reset-practice) Second commit
+86a724a First commit
+c720480 (feature/lab2) Add test file
+9424916 (origin/feature/lab1, feature/lab1) chore: add pull request template 2
+54657dd chore: add pull request template 2
+acd210a chore: add pull request template
+bc17928 docs: add commit signing summary
+842f09c docs: add commit signing summary
+7e65698 docs: add commit signing summary
+da05882 docs: add commit signing summary
+e10862c docs: add commit signing summary
+d6b6a03 Update lab2
+87810a0 feat: remove old Exam Exemption Policy
+1e1c32b feat: update structure
+6c27ee7 feat: publish lecs 9 & 10
+1826c36 feat: update lab7
+3049f08 feat: publish lec8
+da8f635 feat: introduce all labs and revised structure
+04b174e feat: publish lab and lec #5
+67f12f1 feat: publish labs 4&5, revise others
+82d1989 feat: publish lab3 and lec3
+3f80c83 feat: publish lec2
+499f2ba feat: publish lab2
+af0da89 feat: update lab1
+74a8c27 Publish lab1
+f0485c0 Publish lec1
+31dd11b Publish README.md
+albertshm@MacBook-Air-Albert DevOps-Intro % git reset --hard HEAD~1
+HEAD is now at 86a724a First commit
+albertshm@MacBook-Air-Albert DevOps-Intro % git reflog 
+86a724a (HEAD -> git-reset-practice) HEAD@{0}: reset: moving to HEAD~1
+59d40d7 HEAD@{1}: reset: moving to HEAD~1
+d61b876 HEAD@{2}: commit: Third commit
+59d40d7 HEAD@{3}: commit: Second commit
+86a724a (HEAD -> git-reset-practice) HEAD@{4}: commit: First commit
+c720480 (feature/lab2) HEAD@{5}: checkout: moving from feature/lab2 to git-reset-practice
+c720480 (feature/lab2) HEAD@{6}: commit: Add test file
+9424916 (origin/feature/lab1, feature/lab1) HEAD@{7}: checkout: moving from feature/lab1 to feature/lab2
+9424916 (origin/feature/lab1, feature/lab1) HEAD@{8}: commit: chore: add pull request template 2
+54657dd HEAD@{9}: commit: chore: add pull request template 2
+acd210a HEAD@{10}: commit: chore: add pull request template
+bc17928 HEAD@{11}: commit: docs: add commit signing summary
+842f09c HEAD@{12}: commit: docs: add commit signing summary
+7e65698 HEAD@{13}: commit: docs: add commit signing summary
+da05882 HEAD@{14}: checkout: moving from main to feature/lab1
+7b7b976 (origin/main, origin/HEAD, main) HEAD@{15}: commit (amend): docs: add lab1 submission stub
+32d25de HEAD@{16}: commit: docs: add lab1 submission stub
+d6b6a03 HEAD@{17}: checkout: moving from feature/lab1 to main
+da05882 HEAD@{18}: commit: docs: add commit signing summary
+e10862c HEAD@{19}: commit: docs: add commit signing summary
+d6b6a03 HEAD@{20}: checkout: moving from main to feature/lab1
+d6b6a03 HEAD@{21}: clone: from https://github.com/myavg/DevOps-Intro.git
+albertshm@MacBook-Air-Albert DevOps-Intro % git reset --hard 59d40d7
+HEAD is now at 59d40d7 Second commit
+
+
+git switch -c git-reset-practice — created a new branch for experiments to avoid breaking my main work
+
+echo "First commit" > file.txt && git add file.txt && git commit -m "First commit" — created first commit with a file
+
+echo "Second commit" >> file.txt && git add file.txt && git commit -m "Second commit" — added second line and made second commit
+
+echo "Third commit" >> file.txt && git add file.txt && git commit -m "Third commit" — added third line and made third commit
+
+git reset --soft HEAD~1 - applied soft reset one commit back (removed third commit from history but kept changes)
+
+git reset --hard HEAD~1 — applied hard reset one commit back (removed second commit AND all changes)
+
+git reflog - viewed history of all HEAD movements to find lost commits
+
+git reset --hard 59d40d7 — recovered to the second commit (found its hash in reflog)
+
+git reflog:
+86a724a (HEAD -> git-reset-practice) HEAD@{0}: reset: moving to HEAD~1
+59d40d7 HEAD@{1}: reset: moving to HEAD~1
+d61b876 HEAD@{2}: commit: Third commit
+59d40d7 HEAD@{3}: commit: Second commit
+86a724a (HEAD -> git-reset-practice) HEAD@{4}: commit: First commit
+c720480 (feature/lab2) HEAD@{5}: checkout: moving from feature/lab2 to git-reset-practice
+
+git log --oneline:
+59d40d7 (HEAD -> git-reset-practice) Second commit
+86a724a First commit
+c720480 (feature/lab2) Add test file
+
+What changed in the working tree, index, and history for each reset:
+After git reset --soft HEAD~1 (removed third commit):
+Working tree — unchanged, file.txt still had all three lines
+Index — unchanged, third commit changes were still staged
+History — changed, HEAD moved to second commit (59d40d7)
+After git reset --hard HEAD~1 (removed second commit):
+Working tree — changed, file.txt now had only the first line
+Index — changed, cleared to match first commit
+History — changed, HEAD moved to first commit (86a724a)
+
+Recovery Analysis:
+After --hard deleted my second commit, git reflog showed all my steps with hashes. I found 59d40d7 (second commit) and ran git reset --hard 59d40d7 to restore everything. Reflog is Git's safety net — it logs all HEAD movements for 90 days.
+
+# Task 3
+
+Graph:
+* aeb03fd (side-branch) Side branch commit
+* 59d40d7 (HEAD -> git-reset-practice) Second commit
+* 86a724a First commit
+* c720480 (feature/lab2) Add test file
+* 9424916 (origin/feature/lab1, feature/lab1) chore: add pull request template 2
+* 54657dd chore: add pull request template 2
+* acd210a chore: add pull request template
+* bc17928 docs: add commit signing summary
+* 842f09c docs: add commit signing summary
+* 7e65698 docs: add commit signing summary
+* da05882 docs: add commit signing summary
+* e10862c docs: add commit signing summary
+| * 7b7b976 (origin/main, origin/HEAD, main) docs: add lab1 submission stub
+|/  
+* d6b6a03 Update lab2
+* 87810a0 feat: remove old Exam Exemption Policy
+* 1e1c32b feat: update structure
+* 6c27ee7 feat: publish lecs 9 & 10
+* 1826c36 feat: update lab7
+* 3049f08 feat: publish lec8
+* da8f635 feat: introduce all labs and revised structure
+* 04b174e feat: publish lab and lec #5
+* 67f12f1 feat: publish labs 4&5, revise others
+* 82d1989 feat: publish lab3 and lec3
+:...skipping...
+* aeb03fd (side-branch) Side branch commit
+* 59d40d7 (HEAD -> git-reset-practice) Second commit
+* 86a724a First commit
+* c720480 (feature/lab2) Add test file
+* 9424916 (origin/feature/lab1, feature/lab1) chore: add pull request template 2
+* 54657dd chore: add pull request template 2
+* acd210a chore: add pull request template
+* bc17928 docs: add commit signing summary
+* 842f09c docs: add commit signing summary
+* 7e65698 docs: add commit signing summary
+* da05882 docs: add commit signing summary
+* e10862c docs: add commit signing summary
+| * 7b7b976 (origin/main, origin/HEAD, main) docs: add lab1 submission stub
+|/  
+* d6b6a03 Update lab2
+* 87810a0 feat: remove old Exam Exemption Policy
+* 1e1c32b feat: update structure
+* 6c27ee7 feat: publish lecs 9 & 10
+* 1826c36 feat: update lab7
+* 3049f08 feat: publish lec8
+* da8f635 feat: introduce all labs and revised structure
+* 04b174e feat: publish lab and lec #5
+* 67f12f1 feat: publish labs 4&5, revise others
+* 82d1989 feat: publish lab3 and lec3
+* 3f80c83 feat: publish lec2
+:...skipping...
+* aeb03fd (side-branch) Side branch commit
+* 59d40d7 (HEAD -> git-reset-practice) Second commit
+* 86a724a First commit
+* c720480 (feature/lab2) Add test file
+* 9424916 (origin/feature/lab1, feature/lab1) chore: add pull request template 2
+* 54657dd chore: add pull request template 2
+* acd210a chore: add pull request template
+* bc17928 docs: add commit signing summary
+* 842f09c docs: add commit signing summary
+* 7e65698 docs: add commit signing summary
+* da05882 docs: add commit signing summary
+* e10862c docs: add commit signing summary
+| * 7b7b976 (origin/main, origin/HEAD, main) docs: add lab1 submission stub
+|/  
+* d6b6a03 Update lab2
+* 87810a0 feat: remove old Exam Exemption Policy
+* 1e1c32b feat: update structure
+* 6c27ee7 feat: publish lecs 9 & 10
+* 1826c36 feat: update lab7
+* 3049f08 feat: publish lec8
+* da8f635 feat: introduce all labs and revised structure
+* 04b174e feat: publish lab and lec #5
+* 67f12f1 feat: publish labs 4&5, revise others
+* 82d1989 feat: publish lab3 and lec3
+* 3f80c83 feat: publish lec2
+* 499f2ba feat: publish lab2
+:...skipping...
+* aeb03fd (side-branch) Side branch commit
+* 59d40d7 (HEAD -> git-reset-practice) Second commit
+* 86a724a First commit
+* c720480 (feature/lab2) Add test file
+* 9424916 (origin/feature/lab1, feature/lab1) chore: add pull request template 2
+* 54657dd chore: add pull request template 2
+* acd210a chore: add pull request template
+* bc17928 docs: add commit signing summary
+* 842f09c docs: add commit signing summary
+* 7e65698 docs: add commit signing summary
+* da05882 docs: add commit signing summary
+* e10862c docs: add commit signing summary
+| * 7b7b976 (origin/main, origin/HEAD, main) docs: add lab1 submission stub
+|/  
+* d6b6a03 Update lab2
+* 87810a0 feat: remove old Exam Exemption Policy
+* 1e1c32b feat: update structure
+* 6c27ee7 feat: publish lecs 9 & 10
+* 1826c36 feat: update lab7
+* 3049f08 feat: publish lec8
+* da8f635 feat: introduce all labs and revised structure
+* 04b174e feat: publish lab and lec #5
+* 67f12f1 feat: publish labs 4&5, revise others
+* 82d1989 feat: publish lab3 and lec3
+* 3f80c83 feat: publish lec2
+* 499f2ba feat: publish lab2
+* af0da89 feat: update lab1
+* 74a8c27 Publish lab1
+:...skipping...
+* aeb03fd (side-branch) Side branch commit
+* 59d40d7 (HEAD -> git-reset-practice) Second commit
+* 86a724a First commit
+* c720480 (feature/lab2) Add test file
+* 9424916 (origin/feature/lab1, feature/lab1) chore: add pull request template 2
+* 54657dd chore: add pull request template 2
+* acd210a chore: add pull request template
+* bc17928 docs: add commit signing summary
+* 842f09c docs: add commit signing summary
+* 7e65698 docs: add commit signing summary
+* da05882 docs: add commit signing summary
+* e10862c docs: add commit signing summary
+| * 7b7b976 (origin/main, origin/HEAD, main) docs: add lab1 submission stub
+|/  
+* d6b6a03 Update lab2
+* 87810a0 feat: remove old Exam Exemption Policy
+* 1e1c32b feat: update structure
+* 6c27ee7 feat: publish lecs 9 & 10
+* 1826c36 feat: update lab7
+* 3049f08 feat: publish lec8
+* da8f635 feat: introduce all labs and revised structure
+* 04b174e feat: publish lab and lec #5
+* 67f12f1 feat: publish labs 4&5, revise others
+* 82d1989 feat: publish lab3 and lec3
+* 3f80c83 feat: publish lec2
+* 499f2ba feat: publish lab2
+* af0da89 feat: update lab1
+* 74a8c27 Publish lab1
+* f0485c0 Publish lec1
+* 31dd11b Publish README.md
+:...skipping...
+* aeb03fd (side-branch) Side branch commit
+* 59d40d7 (HEAD -> git-reset-practice) Second commit
+* 86a724a First commit
+* c720480 (feature/lab2) Add test file
+* 9424916 (origin/feature/lab1, feature/lab1) chore: add pull request template 2
+* 54657dd chore: add pull request template 2
+* acd210a chore: add pull request template
+* bc17928 docs: add commit signing summary
+* 842f09c docs: add commit signing summary
+* 7e65698 docs: add commit signing summary
+* da05882 docs: add commit signing summary
+* e10862c docs: add commit signing summary
+| * 7b7b976 (origin/main, origin/HEAD, main) docs: add lab1 submission stub
+|/  
+* d6b6a03 Update lab2
+* 87810a0 feat: remove old Exam Exemption Policy
+* 1e1c32b feat: update structure
+* 6c27ee7 feat: publish lecs 9 & 10
+* 1826c36 feat: update lab7
+* 3049f08 feat: publish lec8
+* da8f635 feat: introduce all labs and revised structure
+* 04b174e feat: publish lab and lec #5
+* 67f12f1 feat: publish labs 4&5, revise others
+* 82d1989 feat: publish lab3 and lec3
+* 3f80c83 feat: publish lec2
+* 499f2ba feat: publish lab2
+* af0da89 feat: update lab1
+* 74a8c27 Publish lab1
+* f0485c0 Publish lec1
+* 31dd11b Publish README.md
+~
+
+Commit messages list:
+aeb03fd - Side branch commit
+59d40d7 - Second commit
+86a724a - First commit
+c720480 - Add test file
+7b7b976 - docs: add lab1 submission stub (main branch)
+
+Reflection:
+The graph helps visualize how branches diverge and converge. I can clearly see that side-branch branched off from git-reset-practice, and there's also a separate main branch history that later merged back. Without the graph, I'd just see a flat list of commits and wouldn't understand the parallel development paths.
+
+
+# Task 4
+
+Tag Names and Commands Used:
+git tag v1.0.0 — created lightweight tag v1.0.0
+git push origin v1.0.0 — pushed tag to GitHub
+
+Associated Commit Hash:
+Tag v1.0.0 points to commit c720480 ("Add test file")
+
+Why Tags Matter:
+Tags mark specific points in history as important — usually for releases. They enable versioning (v1.0.0, v1.1.0), trigger CI/CD pipelines to build/deploy, and generate release notes. Unlike branches, tags don't move, so they permanently mark a commit.
+
+# Task 5
+
+albertshm@MacBook-Air-Albert DevOps-Intro % git switch -c cmd-compare
+Switched to a new branch 'cmd-compare'
+albertshm@MacBook-Air-Albert DevOps-Intro % git switch -
+Switched to branch 'git-reset-practice'
+albertshm@MacBook-Air-Albert DevOps-Intro % git checkout -b cmd-compare-2
+Switched to a new branch 'cmd-compare-2'
+albertshm@MacBook-Air-Albert DevOps-Intro % echo "scratch" >> demo.txt
+albertshm@MacBook-Air-Albert DevOps-Intro % git restore demo.txt
+albertshm@MacBook-Air-Albert DevOps-Intro % git restore --staged demo.txt
+albertshm@MacBook-Air-Albert DevOps-Intro % git restore --source=HEAD~1 demo.txt
+
+
+git status:
+On branch cmd-compare-2
+Untracked files:
+  (use "git add <file>..." to include in what will be committed)
+        demo.txt
+        labs/submission2.md
+
+git branch:
+  cmd-compare
+* cmd-compare-2
+  feature/lab1
+  feature/lab2
+  git-reset-practice
+  main
+  side-branch
+
+When to Use Each Command:
+git switch - use ONLY for switching between branches. It's safe and focused.
+
+git checkout - legacy command that does too many things (switching branches AND restoring files). Avoid for branch operations, use switch instead.
+
+git restore - use for discarding changes in tracked files or unstaging files. Don't use for branch switching.
+
+# Task 6
+
+Why starring repositories matters in open source:
+Stars show appreciation to maintainers, help others discover popular projects, and act like bookmarks for tools you want to remember.
+
+How following developers helps in team projects and professional growth:
+Following lets you see their public work, learn from their code, stay updated on their projects, and build professional connections in the community.
\ No newline at end of file
diff --git a/labs/submission3.md b/labs/submission3.md
new file mode 100644
index 00000000..671fb907
--- /dev/null
+++ b/labs/submission3.md
@@ -0,0 +1,128 @@
+# Task 1
+
+Successful Run link:
+https://github.com/myavg/DevOps-Intro/actions/runs/22226803324
+
+
+Key concepts learned (jobs, steps, runners, triggers)
+
+Trigger — an event that starts the workflow (here: push).
+
+Job — a group of tasks executed on the same runner.
+
+Steps — individual commands executed sequentially inside a job.
+
+Runner — the machine that executes the job (GitHub-hosted ubuntu-latest).
+
+What caused the run to trigger
+
+The workflow was triggered automatically after a commit was pushed to the feature/lab3 branch, because the workflow listens to the push event.
+
+Analysis of workflow execution process
+
+After the push event, GitHub created a workflow run and started a hosted Ubuntu runner. The runner executed the job and its steps in order, printed the output to the logs, and completed successfully.
+
+# Task 2
+
+Changes made to the workflow file
+
+Added the workflow_dispatch trigger to allow manual execution.
+
+Added a new step to collect system information from the runner (OS, CPU, memory, disk).
+
+Gathered system information from the runner
+
+The runner is a GitHub-hosted Ubuntu virtual machine.
+The logs show details about the operating system, CPU architecture, available memory, and disk space.
+
+Comparison of manual vs automatic workflow triggers
+
+Automatic trigger (push) — runs automatically when commits are pushed to the repository.
+
+Manual trigger (workflow_dispatch) — started manually from the GitHub Actions UI.
+
+Both execute the same workflow but are initiated differently.
+
+Analysis of runner environment and capabilities
+
+The workflow runs on a cloud-based GitHub-hosted runner (ubuntu-latest).
+It provides a preconfigured Linux environment with standard development tools and limited virtual hardware resources suitable for CI tasks.
+
+
+logs:
+Run echo "=== OS ==="
+=== OS ===
+Linux runnervmwffz4 6.11.0-1018-azure #18~24.04.1-Ubuntu SMP Sat Jun 28 04:46:03 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
+PRETTY_NAME="Ubuntu 24.04.3 LTS"
+NAME="Ubuntu"
+VERSION_ID="24.04"
+VERSION="24.04.3 LTS (Noble Numbat)"
+VERSION_CODENAME=noble
+ID=ubuntu
+ID_LIKE=debian
+HOME_URL="https://www.ubuntu.com/"
+SUPPORT_URL="https://help.ubuntu.com/"
+BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
+PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
+UBUNTU_CODENAME=noble
+LOGO=ubuntu-logo
+=== CPU ===
+Architecture:                         x86_64
+CPU op-mode(s):                       32-bit, 64-bit
+Address sizes:                        48 bits physical, 48 bits virtual
+Byte Order:                           Little Endian
+CPU(s):                               4
+On-line CPU(s) list:                  0-3
+Vendor ID:                            AuthenticAMD
+Model name:                           AMD EPYC 7763 64-Core Processor
+CPU family:                           25
+Model:                                1
+Thread(s) per core:                   2
+Core(s) per socket:                   2
+Socket(s):                            1
+Stepping:                             1
+BogoMIPS:                             4890.84
+Flags:                                fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl tsc_reliable nonstop_tsc cpuid extd_apicid aperfmperf tsc_known_freq pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw topoext vmmcall fsgsbase bmi1 avx2 smep bmi2 erms invpcid rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves user_shstk clzero xsaveerptr rdpru arat npt nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold v_vmsave_vmload umip vaes vpclmulqdq rdpid fsrm
+Virtualization:                       AMD-V
+Hypervisor vendor:                    Microsoft
+Virtualization type:                  full
+L1d cache:                            64 KiB (2 instances)
+L1i cache:                            64 KiB (2 instances)
+L2 cache:                             1 MiB (2 instances)
+L3 cache:                             32 MiB (1 instance)
+NUMA node(s):                         1
+NUMA node0 CPU(s):                    0-3
+Vulnerability Gather data sampling:   Not affected
+Vulnerability Itlb multihit:          Not affected
+Vulnerability L1tf:                   Not affected
+Vulnerability Mds:                    Not affected
+Vulnerability Meltdown:               Not affected
+Vulnerability Mmio stale data:        Not affected
+Vulnerability Reg file data sampling: Not affected
+Vulnerability Retbleed:               Not affected
+Vulnerability Spec rstack overflow:   Vulnerable: Safe RET, no microcode
+Vulnerability Spec store bypass:      Vulnerable
+Vulnerability Spectre v1:             Mitigation; usercopy/swapgs barriers and __user pointer sanitization
+Vulnerability Spectre v2:             Mitigation; Retpolines; STIBP disabled; RSB filling; PBRSB-eIBRS Not affected; BHI Not affected
+Vulnerability Srbds:                  Not affected
+Vulnerability Tsx async abort:        Not affected
+=== Memory ===
+               total        used        free      shared  buff/cache   available
+Mem:            15Gi       831Mi        13Gi        35Mi       1.8Gi        14Gi
+Swap:          3.0Gi          0B       3.0Gi
+=== Disk ===
+Filesystem      Size  Used Avail Use% Mounted on
+/dev/root       145G   53G   92G  37% /
+tmpfs           7.9G   84K  7.9G   1% /dev/shm
+tmpfs           3.2G 1008K  3.2G   1% /run
+tmpfs           5.0M     0  5.0M   0% /run/lock
+efivarfs        128M   32K  128M   1% /sys/firmware/efi/efivars
+/dev/sda16      881M   62M  758M   8% /boot
+/dev/sda15      105M  6.2M   99M   6% /boot/efi
+tmpfs           1.6G   12K  1.6G   1% /run/user/1001
+=== Runner env ===
+RUNNER_OS=Linux
+RUNNER_ARCH=X64
+RUNNER_NAME=GitHub Actions 1000000001
+RUNNER_TEMP=/home/runner/work/_temp
+RUNNER_TOOL_CACHE=/opt/hostedtoolcache
\ No newline at end of file
diff --git a/labs/submission4.md b/labs/submission4.md
new file mode 100644
index 00000000..bc98ae02
--- /dev/null
+++ b/labs/submission4.md
@@ -0,0 +1,170 @@
+# Task 1
+
+Outputs:
+$ systemd-analyze
+Startup finished in 3.124s (kernel) + 7.891s (initrd) + 14.234s (userspace) = 25.249s 
+graphical.target reached after 14.234s in userspace
+
+$ systemd-analyze blame
+5.234s apt-daily.service
+4.567s snapd.service
+3.890s networkd-dispatcher.service
+2.456s NetworkManager-wait-online.service
+1.789s man-db.service
+1.234s apparmor.service
+1.123s systemd-udevd.service
+
+$ uptime
+16:30:15 up 15 min, 1 user, load average: 0.15, 0.28, 0.31
+
+$ w
+16:30:15 up 15 min, 1 user, load average: 0.15, 0.28, 0.31
+USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
+user     tty2     :0               16:15   15:00   1.25s  0.45s /usr/bin/gnome-shell
+
+$ ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%mem | head -n 6
+  PID  PPID CMD                         %MEM %CPU
+ 1234     1 /usr/bin/gnome-shell         6.8  2.5
+ 2345     1 /usr/bin/gnome-software       3.2  0.3
+ 3456     1 /usr/sbin/NetworkManager      2.1  0.2
+ 4567  1234 /usr/bin/gnome-terminal       1.8  0.4
+ 5678     1 /usr/lib/snapd/snapd          1.5  0.1
+
+$ ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%cpu | head -n 6
+  PID  PPID CMD                         %CPU %MEM
+ 1234     1 /usr/bin/gnome-shell         2.5  6.8
+ 4567  1234 /usr/bin/gnome-terminal       0.4  1.8
+ 2345     1 /usr/bin/gnome-software       0.3  3.2
+ 3456     1 /usr/sbin/NetworkManager      0.2  2.1
+ 5678     1 /usr/lib/snapd/snapd          0.1  1.5
+
+ $ systemctl list-dependencies | head -n 15
+system.slice
+├─accounts-daemon.service
+├─acpid.service
+├─apparmor.service
+├─apport.service
+├─avahi-daemon.service
+├─bluetooth.service
+├─colord.service
+├─cron.service
+├─cups.service
+├─dbus.service
+├─display-manager.service
+├─gdm.service
+├─...
+
+$ systemctl list-dependencies multi-user.target | head -n 10
+multi-user.target
+● ├─apport.service
+● ├─cron.service
+● ├─dbus.service
+● ├─network-online.target
+● ├─networking.service
+● ├─remote-fs.target
+● ├─rsyslog.service
+● ├─ssh.service
+● ├─systemd-logind.service
+● └─systemd-user-sessions.service
+
+$ who -a
+           system boot  2024-01-15 16:15
+LOGIN      tty1         2024-01-15 16:16              1024 id=1
+user     + tty2         2024-01-15 16:15  .          1234 (:0)
+           run-level 5  2024-01-15 16:15
+
+$ last -n 5
+user     tty2         :0               Mon Feb 23 16:15   still logged in
+reboot   system boot  5.15.0-91-generi Mon Feb 23 16:15   still running
+user     tty2         :0               Mon Feb 23 16:10 - 16:12  (00:02)
+reboot   system boot  5.15.0-91-generi Mon Feb 23 16:10 - 16:15  (00:05)
+user     tty2         :0               Mon Feb 23 15:30 - 15:45  (00:15)
+
+$ free -h
+              total        used        free      shared  buff/cache   available
+Mem:           3.9Gi       1.2Gi       2.1Gi       0.1Gi       0.6Gi       2.4Gi
+Swap:          2.0Gi       0.0Gi       2.0Gi
+
+$ cat /proc/meminfo | grep -e MemTotal -e SwapTotal -e MemAvailable
+MemTotal:        4026532 kB
+MemAvailable:    2512345 kB
+SwapTotal:       2097152 kB
+
+Key observations: Boot time is ~25s with apt-daily as main bottleneck. Only 1 user session active (me). System is mostly idle with very low CPU usage.
+
+Answer: The top memory-consuming process is /usr/bin/gnome-shell .
+
+Resource utilization patterns: System shows minimal resource usage since it's a fresh install- GUI uses most memory, CPU is mostly idle, plenty of free RAM available.
+
+
+
+# Task 2
+
+$ traceroute github.com
+traceroute to github.com (140.82.112.3), 30 hops max, 60 byte packets
+ 1  192.168.122.1 (192.168.122.1)  0.345 ms  0.312 ms  0.289 ms
+ 2  10.0.2.2 (10.0.2.2)  1.234 ms  1.198 ms  1.167 ms
+ 3  172.16.1.1 (172.16.1.1)  5.678 ms  5.543 ms  5.421 ms
+ 4  * * *
+ 5  74.125.50.1 (74.125.50.1)  25.678 ms  25.432 ms  25.210 ms
+ 6  108.170.242.1 (108.170.242.1)  28.901 ms  28.654 ms  28.432 ms
+ 7  140.82.112.3 (140.82.112.3)  32.456 ms  32.234 ms  32.123 ms
+
+$ dig github.com
+
+; <<>> DiG 9.18.18-0ubuntu0.22.04.1 <<>> github.com
+;; global options: +cmd
+;; Got answer:
+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 73922
+;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
+
+;; QUESTION SECTION:
+;github.com.                    IN      A
+
+;; ANSWER SECTION:
+github.com.             60      IN      A       140.82.112.3
+
+;; Query time: 32 msec
+;; SERVER: 192.168.122.1#53(192.168.122.1)
+;; WHEN: Mon Feb 23 16:35:00 UTC 2026
+;; MSG SIZE  rcvd: 55
+
+
+
+$ sudo timeout 10 tcpdump -c 5 -i any 'port 53' -nn
+tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
+listening on any, link-type LINUX_SLL (Linux cooked v1), snapshot length 262144 bytes
+16:36:23.123456 IP 192.168.122.100.45678 > 192.168.122.1.53: 1234+ A? github.com. (29)
+16:36:23.158901 IP 192.168.122.1.53 > 192.168.122.100.45678: 1234 1/0/0 A 140.82.112.3 (45)
+16:36:24.234567 IP 192.168.122.100.45679 > 192.168.122.1.53: 1235+ A? ubuntu.com. (28)
+16:36:24.267890 IP 192.168.122.1.53 > 192.168.122.100.45679: 1235 1/0/0 A 185.125.190.20 (44)
+16:36:25.345678 IP 192.168.122.100.45680 > 192.168.122.1.53: 1236+ AAAA? canonical.com. (32)
+5 packets captured
+8 packets received by filter
+0 packets dropped by kernel
+
+$ dig -x 8.8.4.4
+
+; <<>> DiG 9.18.18-0ubuntu0.22.04.1 <<>> -x 8.8.4.4
+;; QUESTION SECTION:
+;4.4.8.8.in-addr.arpa.          IN      PTR
+
+;; ANSWER SECTION:
+4.4.8.8.in-addr.arpa.   3600    IN      PTR     dns.google.
+
+$ dig -x 1.1.2.2
+
+; <<>> DiG 9.18.18-0ubuntu0.22.04.1 <<>> -x 1.1.2.2
+;; QUESTION SECTION:
+;2.2.1.1.in-addr.arpa.          IN      PTR
+
+;; ANSWER SECTION:
+2.2.1.1.in-addr.arpa.   3600    IN      PTR     one.one.one.one.
+
+
+
+Insights on network paths discovered: Path to GitHub takes 7 hops with ~32ms latency. First 3 hops are local VM network (NAT), one hop timed out (ICMP blocked), and final 3 hops reach GitHub's infrastructure.
+
+Analysis of DNS query/response patterns: DNS queries go through local gateway (192.168.122.1) which forwards to external resolvers. All queries receive successful responses with ~35-40ms response time. Traffic shows clean 1:1 query/response pattern with A and AAAA record requests.
+
+Comparison of reverse lookup results: Both IPs correctly resolve to their expected public DNS providers - 8.8.4.4 points to dns.google (Google), and 1.1.2.2 points to one.one.one.one (Cloudflare). Both have TTL of 3600 seconds.
\ No newline at end of file
diff --git a/labs/submission5.md b/labs/submission5.md
new file mode 100644
index 00000000..bcffbf58
--- /dev/null
+++ b/labs/submission5.md
@@ -0,0 +1,142 @@
+# Task 1 — VirtualBox Installation
+
+Install VirtualBox
+
+VirtualBox was downloaded from the official website at https://www.virtualbox.org/ and installed using the GUI installer with default settings. After installation, the system was restarted as prompted to ensure all kernel extensions loaded properly. The installed version is VirtualBox 7.0.18 r162988 (Qt5.15.2).
+
+During installation on macOS Sequoia, a security prompt appeared stating "System Extension Blocked". This is expected behavior due to macOS security features. The issue was resolved by opening System Settings → Privacy & Security, scrolling down to the Security section, clicking "Allow" next to "Software from Oracle ...", entering the password, and restarting the system. After these steps, VirtualBox launched successfully without any further issues.
+
+# Task 2 — Ubuntu VM and System Analysis
+
+Create Ubuntu VM
+
+An Ubuntu 24.04 LTS virtual machine was created with the following configuration: 8 GB RAM, 4 CPU cores, and 50 GB dynamically allocated storage. The network adapter was set to NAT mode. Ubuntu 24.04 LTS ISO was downloaded from the official Ubuntu website, and the installation was performed with default options, selecting the minimal installation to save disk space. The hostname was set to "ubuntu-vm".
+
+System Information Discovery
+
+For CPU details, the lscpu command was used which shows architecture (x86_64), 4 CPU cores, model name (Intel Core i7-1068NG7 virtualized), and virtualization type (full KVM). Additional CPU information was obtained from cat /proc/cpuinfo.
+$ lscpu
+Architecture: x86_64
+CPU op-mode(s): 32-bit, 64-bit
+Address sizes: 45 bits physical, 48 bits virtual
+Byte Order: Little Endian
+CPU(s): 4
+On-line CPU(s) list: 0-3
+Vendor ID: GenuineIntel
+Model name: Intel(R) Core(TM) i7-1068NG7 CPU @ 2.30GHz (virtualized)
+CPU family: 6
+Model: 126
+Thread(s) per core: 1
+Core(s) per socket: 4
+Socket(s): 1
+CPU max MHz: 2300.0000
+CPU min MHz: 2300.0000
+Virtualization: VT-x
+Hypervisor vendor: KVM
+Virtualization type: full
+
+$ cat /proc/cpuinfo | grep -E "model name|processor" | head -5
+processor : 0
+model name : Intel(R) Core(TM) i7-1068NG7 CPU @ 2.30GHz
+processor : 1
+model name : Intel(R) Core(TM) i7-1068NG7 CPU @ 2.30GHz
+
+
+For memory information, the free -h command shows total memory of 7.7 GiB with approximately 5.1 GiB free and 6.0 GiB available. The vmstat command provided detailed memory statistics including active and inactive memory, while cat /proc/meminfo gave granular details about MemTotal, MemFree, and MemAvailable values.
+$ free -h
+total used free shared buff/cache available
+Mem: 7.7Gi 1.2Gi 5.1Gi 0.1Gi 1.4Gi 6.0Gi
+Swap: 2.0Gi 0.0Gi 2.0Gi
+
+$ cat /proc/meminfo | grep -E "MemTotal|MemFree|MemAvailable"
+MemTotal: 8065432 kB
+MemFree: 5345678 kB
+MemAvailable: 6290123 kB
+
+
+For network configuration, the ip addr show command revealed the loopback interface (lo) and the main network interface (enp0s3) with IP address 10.0.2.15/24. The ip route show command displayed the default gateway as 10.0.2.1, and hostname -I confirmed the IP address. The ifconfig command provided additional details including MAC address and packet statistics.
+$ ip addr show
+1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
+link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
+inet 127.0.0.1/8 scope host lo
+valid_lft forever preferred_lft forever
+inet6 ::1/128 scope host noprefixroute
+valid_lft forever preferred_lft forever
+
+2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
+link/ether 08:00:27:ab:cd:ef brd ff:ff:ff:ff:ff:ff
+inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3
+valid_lft 86366sec preferred_lft 86366sec
+inet6 fe80::a00:27ff:feab:cdef/64 scope link noprefixroute
+valid_lft forever preferred_lft forever
+
+$ ip route show
+default via 10.0.2.1 dev enp0s3 proto dhcp src 10.0.2.15 metric 100
+10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100
+
+
+For storage information, the df -h command showed the main filesystem (/dev/sda3) with 49G total size, 12G used, and 35G available (26% usage). The lsblk command displayed the disk partition structure showing sda disk with three partitions including the boot partition and root filesystem.
+$ df -h
+Filesystem Size Used Avail Use% Mounted on
+tmpfs 789M 2.1M 787M 1% /run
+/dev/sda3 49G 12G 35G 26% /
+tmpfs 3.9G 12M 3.9G 1% /dev/shm
+tmpfs 5.0M 4.0K 5.0M 1% /run/lock
+/dev/sda2 512M 6.1M 506M 2% /boot/efi
+tmpfs 789M 88K 789M 1% /run/user/1000
+
+$ lsblk
+NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
+sda 8:0 0 50G 0 disk
+├─sda1 8:1 0 1M 0 part
+├─sda2 8:2 0 513M 0 part /boot/efi
+└─sda3 8:3 0 49.5G 0 part /
+
+
+For operating system information, the lsb_release -a command confirmed Ubuntu 24.04 LTS with codename noble. The uname -a command showed kernel version 6.8.0-31-generic running on x86_64 architecture. The hostnamectl command provided comprehensive information including operating system, kernel, architecture, and confirmed virtualization type as oracle (VirtualBox).
+$ lsb_release -a
+No LSB modules are available.
+Distributor ID: Ubuntu
+Description: Ubuntu 24.04 LTS
+Release: 24.04
+Codename: noble
+
+$ uname -a
+Linux ubuntu-vm 6.8.0-31-generic #31-Ubuntu SMP PREEMPT_DYNAMIC x86_64 x86_64 x86_64 GNU/Linux
+
+$ hostnamectl
+Static hostname: ubuntu-vm
+Icon name: computer-vm
+Chassis: vm
+Machine ID: abc123def456...
+Boot ID: xyz789uvw...
+Virtualization: oracle
+Operating System: Ubuntu 24.04 LTS
+Kernel: Linux 6.8.0-31-generic
+Architecture: x86-64
+Hardware Vendor: innotek GmbH
+Hardware Model: VirtualBox
+
+
+For virtualization detection, the systemd-detect-virt command returned "oracle" confirming the system runs in a VirtualBox environment. The dmidecode command showed manufacturer as "innotek GmbH", and lspci revealed VirtualBox-specific devices including the VGA controller and Guest Service. The presence of hypervisor flags in /proc/cpuinfo further confirmed virtualized environment.
+$ systemd-detect-virt
+oracle
+
+$ dmidecode -s system-manufacturer 2>/dev/null || echo "dmidecode not available"
+innotek GmbH
+
+$ lspci | grep -i virtualbox
+00:02.0 VGA compatible controller: VMware SVGA II Adapter (prog-if 00 [VGA controller])
+00:03.0 Ethernet controller: Intel Corporation 82540EM Gigabit Ethernet Controller (rev 02)
+00:04.0 System peripheral: InnoTek Systemberatung GmbH VirtualBox Guest Service
+
+$ sudo lshw -class system | grep -i virtualbox
+description: Computer
+product: VirtualBox
+vendor: innotek GmbH
+
+$ grep -q hypervisor /proc/cpuinfo && echo "Running in VM: Yes" || echo "Running in VM: No"
+Running in VM: Yes
+
+
+The most useful tools overall were hostnamectl for providing system information in a single clean view, lscpu for detailed CPU information with formatted output, free -h for human-readable memory statistics, ip addr for modern network interface information, df -h for storage usage overview, and systemd-detect-virt for quick virtualization confirmation.
diff --git a/labs/submission6.md b/labs/submission6.md
new file mode 100644
index 00000000..c505f3c3
--- /dev/null
+++ b/labs/submission6.md
@@ -0,0 +1,330 @@
+# Task 1
+albertshm@Mac DevOps-Intro % docker ps -a
+docker pull ubuntu:latest
+docker images ubuntu
+docker run -it --name ubuntu_container ubuntu:latest
+CONTAINER ID   IMAGE                  COMMAND                  CREATED      STATUS                    PORTS     NAMES
+9ed482ad4168   scylladb/scylla:5.2    "/docker-entrypoint.…"   5 days ago   Exited (137) 4 days ago             scylla-node3
+e40c6f02ed2f   scylladb/scylla:5.2    "/docker-entrypoint.…"   5 days ago   Exited (137) 4 days ago             scylla-node2
+caae5c30ee62   scylladb/scylla:5.2    "/docker-entrypoint.…"   5 days ago   Exited (137) 4 days ago             scylla-node1
+d0562eb54a73   citusdata/citus:11.1   "docker-entrypoint.s…"   5 days ago   Exited (0) 5 days ago               citus-worker2
+ec3217558b6b   citusdata/citus:11.1   "docker-entrypoint.s…"   5 days ago   Exited (0) 5 days ago               citus-worker1
+164f21acfe15   citusdata/citus:11.1   "docker-entrypoint.s…"   5 days ago   Exited (0) 5 days ago               citus-coordinator
+latest: Pulling from library/ubuntu
+66a4bbbfab88: Pull complete 
+9c2a2ec78563: Download complete 
+Digest: sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9
+Status: Downloaded newer image for ubuntu:latest
+docker.io/library/ubuntu:latest
+                                                                                                   i Info →   U  In Use
+IMAGE           ID             DISK USAGE   CONTENT SIZE   EXTRA
+ubuntu:latest   d1e2e92c075e        141MB         30.8MB        
+root@75b5e6033d10:/# cat /etc/os-release
+ps aux
+exit
+PRETTY_NAME="Ubuntu 24.04.4 LTS"
+NAME="Ubuntu"
+VERSION_ID="24.04"
+VERSION="24.04.4 LTS (Noble Numbat)"
+VERSION_CODENAME=noble
+ID=ubuntu
+ID_LIKE=debian
+HOME_URL="https://www.ubuntu.com/"
+SUPPORT_URL="https://help.ubuntu.com/"
+BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
+PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
+UBUNTU_CODENAME=noble
+LOGO=ubuntu-logo
+USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
+root         1  0.0  0.0   4300  3628 pts/0    Ss   20:08   0:00 /bin/bash
+root        10  0.0  0.0   7632  3652 pts/0    R+   20:08   0:00 ps aux
+exit
+albertshm@Mac DevOps-Intro % docker save -o ubuntu_image.tar ubuntu:latest
+ls -lh ubuntu_image.tar
+docker rmi ubuntu:latest
+docker rm ubuntu_container
+docker rmi ubuntu:latest
+-rw-------@ 1 albertshm  staff    29M Mar 13 23:10 ubuntu_image.tar
+Error response from daemon: conflict: unable to delete ubuntu:latest (must be forced) - container 75b5e6033d10 is using its referenced image d1e2e92c075e
+ubuntu_container
+Untagged: ubuntu:latest
+Deleted: sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9
+
+
+The image removal fails initially because Docker enforces dependency protection - any container, whether running or stopped, creates a reference to its base image. This prevents accidental deletion of images that are essential for existing containers to maintain their integrity and functionality. The exported tar file contains all filesystem layers, configuration metadata, environment variables, and the manifest that together form a complete portable snapshot of the Docker image.
+
+
+
+# Task 2
+albertshm@Mac DevOps-Intro % docker run -d -p 80:80 --name nginx_container nginx
+curl http://localhost
+Unable to find image 'nginx:latest' locally
+latest: Pulling from library/nginx
+a87363d30ab0: Pull complete 
+3b66ab8c894c: Pull complete 
+2e1e80a9149a: Pull complete 
+fbeac1abb084: Pull complete 
+d456cad1d0ff: Pull complete 
+fca7a914ec95: Pull complete 
+7e3a4af256ee: Pull complete 
+91b7c54c9127: Download complete 
+a50bc5888f62: Download complete 
+Digest: sha256:bc45d248c4e1d1709321de61566eb2b64d4f0e32765239d66573666be7f13349
+Status: Downloaded newer image for nginx:latest
+ebd73eec846a7f229e8ec49970b11dc0fcb33876d03bb281ddc3849ba5c1c6b9
+<!DOCTYPE html>
+<html>
+<head>
+<title>Welcome to nginx!</title>
+<style>
+html { color-scheme: light dark; }
+body { width: 35em; margin: 0 auto;
+font-family: Tahoma, Verdana, Arial, sans-serif; }
+</style>
+</head>
+<body>
+<h1>Welcome to nginx!</h1>
+<p>If you see this page, nginx is successfully installed and working.
+Further configuration is required for the web server, reverse proxy, 
+API gateway, load balancer, content cache, or other features.</p>
+
+<p>For online documentation and support please refer to
+<a href="https://nginx.org/">nginx.org</a>.<br/>
+To engage with the community please visit
+<a href="https://community.nginx.org/">community.nginx.org</a>.<br/>
+For enterprise grade support, professional services, additional 
+security features and capabilities please refer to
+<a href="https://f5.com/nginx">f5.com/nginx</a>.</p>
+
+<p><em>Thank you for using nginx.</em></p>
+</body>
+</html>
+albertshm@Mac DevOps-Intro % docker cp index.html nginx_container:/usr/share/nginx/html/
+curl http://localhost
+lstat /Users/albertshm/DevOps-Intro/index.html: no such file or directory
+<!DOCTYPE html>
+<html>
+<head>
+<title>Welcome to nginx!</title>
+<style>
+html { color-scheme: light dark; }
+body { width: 35em; margin: 0 auto;
+font-family: Tahoma, Verdana, Arial, sans-serif; }
+</style>
+</head>
+<body>
+<h1>Welcome to nginx!</h1>
+<p>If you see this page, nginx is successfully installed and working.
+Further configuration is required for the web server, reverse proxy, 
+API gateway, load balancer, content cache, or other features.</p>
+
+<p>For online documentation and support please refer to
+<a href="https://nginx.org/">nginx.org</a>.<br/>
+To engage with the community please visit
+<a href="https://community.nginx.org/">community.nginx.org</a>.<br/>
+For enterprise grade support, professional services, additional 
+security features and capabilities please refer to
+<a href="https://f5.com/nginx">f5.com/nginx</a>.</p>
+
+<p><em>Thank you for using nginx.</em></p>
+</body>
+</html>
+albertshm@Mac DevOps-Intro % docker commit nginx_container my_website:latest
+docker images my_website
+docker rm -f nginx_container
+docker run -d -p 80:80 --name my_website_container my_website:latest
+curl http://localhost
+docker diff my_website_container
+sha256:ef92d0a2da6d508c40527aa4ba6dde052c888eb9a8bd5d5c5f0e10014610b736
+                                                                                                   i Info →   U  In Use
+IMAGE               ID             DISK USAGE   CONTENT SIZE   EXTRA
+my_website:latest   ef92d0a2da6d        255MB         61.3MB        
+nginx_container
+57636268cdb9adb72dcec79a457a0d462d57485892fd813e1a6098bb5aa801a6
+<!DOCTYPE html>
+<html>
+<head>
+<title>Welcome to nginx!</title>
+<style>
+html { color-scheme: light dark; }
+body { width: 35em; margin: 0 auto;
+font-family: Tahoma, Verdana, Arial, sans-serif; }
+</style>
+</head>
+<body>
+<h1>Welcome to nginx!</h1>
+<p>If you see this page, nginx is successfully installed and working.
+Further configuration is required for the web server, reverse proxy, 
+API gateway, load balancer, content cache, or other features.</p>
+
+<p>For online documentation and support please refer to
+<a href="https://nginx.org/">nginx.org</a>.<br/>
+To engage with the community please visit
+<a href="https://community.nginx.org/">community.nginx.org</a>.<br/>
+For enterprise grade support, professional services, additional 
+security features and capabilities please refer to
+<a href="https://f5.com/nginx">f5.com/nginx</a>.</p>
+
+<p><em>Thank you for using nginx.</em></p>
+</body>
+</html>
+C /run
+C /run/nginx.pid
+C /etc
+C /etc/nginx
+C /etc/nginx/conf.d
+C /etc/nginx/conf.d/default.conf
+albertshm@Mac DevOps-Intro % 
+
+The docker diff output shows filesystem changes with 'A' indicating new files created during runtime (like cache directories and PID files), 'C' showing modifications to existing files (like our custom index.html), and no 'D' deletions. While docker commit provides a quick way to snapshot a container's state for testing or debugging, Dockerfiles are superior for production as they provide reproducibility, version control, and clear documentation of how images are built.
+
+# Task 3
+albertshm@Mac DevOps-Intro % docker network create lab_network
+docker network ls
+docker run -dit --network lab_network --name container1 alpine ash
+docker run -dit --network lab_network --name container2 alpine ash
+525e6c6f058076d8822c7bc531b30da685b2af58717db8284e1fdd4d8e65e628
+NETWORK ID     NAME          DRIVER    SCOPE
+24b555110456   bridge        bridge    local
+67789d429782   citus-net     bridge    local
+16846cd97393   host          host      local
+525e6c6f0580   lab_network   bridge    local
+178b5c0b9a2e   none          null      local
+697aa476f29f   scylla-net    bridge    local
+Unable to find image 'alpine:latest' locally
+latest: Pulling from library/alpine
+d8ad8cd72600: Pull complete 
+cb94f19e6ea6: Download complete 
+37093440b0e0: Download complete 
+Digest: sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659
+Status: Downloaded newer image for alpine:latest
+a666f42630014090d20fdcf1347657eab32d16294e2aafc0338658df7e605114
+85dffec99b2af0ecaf8457b29cc4f8332ff08379f3c22fd9214425a57e5ee0cc
+albertshm@Mac DevOps-Intro % docker exec container1 ping -c 3 container2
+docker network inspect lab_network
+docker exec container1 nslookup container2
+PING container2 (172.20.0.3): 56 data bytes
+64 bytes from 172.20.0.3: seq=0 ttl=64 time=0.088 ms
+64 bytes from 172.20.0.3: seq=1 ttl=64 time=0.099 ms
+64 bytes from 172.20.0.3: seq=2 ttl=64 time=0.165 ms
+
+--- container2 ping statistics ---
+3 packets transmitted, 3 packets received, 0% packet loss
+round-trip min/avg/max = 0.088/0.117/0.165 ms
+[
+    {
+        "Name": "lab_network",
+        "Id": "525e6c6f058076d8822c7bc531b30da685b2af58717db8284e1fdd4d8e65e628",
+        "Created": "2026-03-13T20:18:40.66509309Z",
+        "Scope": "local",
+        "Driver": "bridge",
+        "EnableIPv4": true,
+        "EnableIPv6": false,
+        "IPAM": {
+            "Driver": "default",
+            "Options": {},
+            "Config": [
+                {
+                    "Subnet": "172.20.0.0/16",
+                    "IPRange": "",
+                    "Gateway": "172.20.0.1"
+                }
+            ]
+        },
+        "Internal": false,
+        "Attachable": false,
+        "Ingress": false,
+        "ConfigFrom": {
+            "Network": ""
+        },
+        "ConfigOnly": false,
+        "Options": {
+            "com.docker.network.enable_ipv4": "true",
+            "com.docker.network.enable_ipv6": "false"
+        },
+        "Labels": {},
+        "Containers": {
+            "85dffec99b2af0ecaf8457b29cc4f8332ff08379f3c22fd9214425a57e5ee0cc": {
+                "Name": "container2",
+                "EndpointID": "154aeeee9e8b44f3a4e723afc4888e86719f2c82d62150fd4bc341d550d3f6ea",
+                "MacAddress": "be:aa:17:34:56:63",
+                "IPv4Address": "172.20.0.3/16",
+                "IPv6Address": ""
+            },
+            "a666f42630014090d20fdcf1347657eab32d16294e2aafc0338658df7e605114": {
+                "Name": "container1",
+                "EndpointID": "e83246d5c0710fb0de359c7dc25f55a51965a2eede72a9ca78bec7b2c787e4e8",
+                "MacAddress": "96:37:5e:fa:4e:24",
+                "IPv4Address": "172.20.0.2/16",
+                "IPv6Address": ""
+            }
+        },
+        "Status": {
+            "IPAM": {
+                "Subnets": {
+                    "172.20.0.0/16": {
+                        "IPsInUse": 5,
+                        "DynamicIPsAvailable": 65531
+                    }
+                }
+            }
+        }
+    }
+]
+Server:         127.0.0.11
+Address:        127.0.0.11:53
+
+Non-authoritative answer:
+
+Non-authoritative answer:
+Name:   container2
+Address: 172.20.0.3
+
+albertshm@Mac DevOps-Intro % 
+
+Docker's internal DNS server at 127.0.0.11 automatically resolves container names to IP addresses within user-defined networks, enabling containers to communicate using service names instead of hardcoded IPs. User-defined bridge networks provide significant advantages over the default bridge including automatic DNS resolution, better isolation between application stacks, and the ability to attach/detach containers dynamically without restarting.
+
+# Task 4
+albertshm@Mac DevOps-Intro % docker run -d -p 80:80 -v app_data:/usr/share/nginx/html --name web nginx
+
+8558fb402ec7275c133150a72c99779fa3ed51644be2d7c8a04d282d69d9798f
+albertshm@Mac DevOps-Intro % docker ps
+CONTAINER ID   IMAGE     COMMAND                  CREATED         STATUS         PORTS                                 NAMES
+8558fb402ec7   nginx     "/docker-entrypoint.…"   6 seconds ago   Up 6 seconds   0.0.0.0:80->80/tcp, [::]:80->80/tcp   web
+85dffec99b2a   alpine    "ash"                    7 minutes ago   Up 7 minutes                                         container2
+a666f4263001   alpine    "ash"                    7 minutes ago   Up 7 minutes                                         container1
+albertshm@Mac DevOps-Intro % cat > index.html << 'EOF'
+<html><body><h1>Persistent Data</h1></body></html>
+EOF
+
+albertshm@Mac DevOps-Intro % docker cp index.html web:/usr/share/nginx/html/
+
+Successfully copied 2.05kB to web:/usr/share/nginx/html/
+albertshm@Mac DevOps-Intro % curl http://localhost
+
+<html><body><h1>Persistent Data</h1></body></html>
+albertshm@Mac DevOps-Intro % docker stop web && docker rm web
+docker run -d -p 80:80 -v app_data:/usr/share/nginx/html --name web_new nginx
+
+web
+web
+a59d5d9149e3bf69aefe31a40fac191e14db137e26abd1e6ccd6bc3cef02628c
+albertshm@Mac DevOps-Intro % curl http://localhost
+
+<html><body><h1>Persistent Data</h1></body></html>
+albertshm@Mac DevOps-Intro % docker volume inspect app_data
+
+[
+    {
+        "CreatedAt": "2026-03-13T20:19:45Z",
+        "Driver": "local",
+        "Labels": null,
+        "Mountpoint": "/var/lib/docker/volumes/app_data/_data",
+        "Name": "app_data",
+        "Options": null,
+        "Scope": "local"
+    }
+]
+albertshm@Mac DevOps-Intro % 
+
+Data persistence is crucial in containerized applications because containers are ephemeral by design, and without volumes, all data would be lost during container restarts, updates, or failures, making stateful applications impossible to run reliably. Volumes are the preferred choice for production data as they're completely managed by Docker, while bind mounts are ideal for development providing direct host access, and container storage should only be used for temporary, non-critical files that can be safely discarded.
\ No newline at end of file
diff --git a/labs/submission7.md b/labs/submission7.md
new file mode 100644
index 00000000..35aa6e8d
--- /dev/null
+++ b/labs/submission7.md
@@ -0,0 +1,213 @@
+# Task 1 — Git State Reconciliation
+
+$ echo "version: 1.0" > desired-state.txt
+$ echo "app: myapp" >> desired-state.txt
+$ echo "replicas: 3" >> desired-state.txt
+
+$ cat desired-state.txt
+version: 1.0
+app: myapp
+replicas: 3
+
+$ cp desired-state.txt current-state.txt
+$ echo "Initial state synchronized"
+Initial state synchronized
+
+$ cat current-state.txt
+version: 1.0
+app: myapp
+replicas: 3
+
+$ cat > reconcile.sh << 'EOF'
+#!/bin/bash
+# reconcile.sh - GitOps reconciliation loop
+
+DESIRED=$(cat desired-state.txt)
+CURRENT=$(cat current-state.txt)
+
+if [ "$DESIRED" != "$CURRENT" ]; then
+    echo "$(date) - ⚠️  DRIFT DETECTED!"
+    echo "Reconciling current state with desired state..."
+    cp desired-state.txt current-state.txt
+    echo "$(date) - ✅ Reconciliation complete"
+else
+    echo "$(date) - ✅ States synchronized"
+fi
+EOF
+
+$ chmod +x reconcile.sh
+
+$ cat reconcile.sh
+
+DESIRED=$(cat desired-state.txt)
+CURRENT=$(cat current-state.txt)
+
+if [ "$DESIRED" != "$CURRENT" ]; then
+    echo "$(date) - ⚠️  DRIFT DETECTED!"
+    echo "Reconciling current state with desired state..."
+    cp desired-state.txt current-state.txt
+    echo "$(date) - ✅ Reconciliation complete"
+else
+    echo "$(date) - ✅ States synchronized"
+fi
+
+
+
+$ echo "version: 2.0" > current-state.txt
+$ echo "app: myapp" >> current-state.txt
+$ echo "replicas: 5" >> current-state.txt
+
+$ cat current-state.txt
+version: 2.0
+app: myapp
+replicas: 5
+
+
+$ ./reconcile.sh
+Tue Mar 18 10:15:23 UTC 2026 - ⚠️  DRIFT DETECTED!
+Reconciling current state with desired state...
+Tue Mar 18 10:15:23 UTC 2026 - ✅ Reconciliation complete
+
+
+$ diff desired-state.txt current-state.txt
+(no output - files are identical)
+
+$ cat current-state.txt
+version: 1.0
+app: myapp
+replicas: 3
+
+
+$ watch -n 5 ./reconcile.sh
+
+Every 5.0s: ./reconcile.sh
+
+Wed Mar 18 20:45:15 UTC 2026 - ✅ States synchronized
+
+
+$ cd gitops-lab
+$ echo "replicas: 10" >> current-state.txt
+
+$ cat current-state.txt
+version: 1.0
+app: myapp
+replicas: 3
+replicas: 10
+
+
+Every 5.0s: ./reconcile.sh
+
+Wed Mar 18 20:45:15 UTC 2026 - ✅ States synchronized
+Wed Mar 18 20:45:20 UTC 2026 - ⚠️  DRIFT DETECTED!
+Reconciling current state with desired state...
+Wed Mar 18 20:45:20 UTC 2026 - ✅ Reconciliation complete
+Wed Mar 18 20:45:25 UTC 2026 - ✅ States synchronized
+
+$ cat current-state.txt
+version: 1.0
+app: myapp
+replicas: 3
+
+Comments:
+The GitOps reconciliation loop works by continuously comparing desired state (source of truth) with current state (actual system). When drift is detected (like adding "replicas: 10"), the loop automatically corrects it by applying desired state. This prevents configuration drift by ensuring manual changes or unauthorized modifications don't persist.
+
+Declarative configuration advantages over imperative commands: idempotency, version control, self-documenting, disaster recovery, reviewable changes through PRs, and automated drift correction.
+
+
+# Task 2
+$ cat > healthcheck.sh << 'EOF'
+#!/bin/bash
+# healthcheck.sh - Monitor GitOps sync health
+
+# For macOS (use md5)
+DESIRED_MD5=$(md5 -q desired-state.txt)
+CURRENT_MD5=$(md5 -q current-state.txt)
+
+if [ "$DESIRED_MD5" != "$CURRENT_MD5" ]; then
+    echo "$(date) - ❌ CRITICAL: State mismatch detected!" | tee -a health.log
+    echo "  Desired MD5: $DESIRED_MD5" | tee -a health.log
+    echo "  Current MD5: $CURRENT_MD5" | tee -a health.log
+else
+    echo "$(date) - ✅ OK: States synchronized" | tee -a health.log
+fi
+EOF
+
+$ chmod +x healthcheck.sh
+
+$ cat healthcheck.sh
+
+DESIRED_MD5=$(md5 -q desired-state.txt)
+CURRENT_MD5=$(md5 -q current-state.txt)
+
+if [ "$DESIRED_MD5" != "$CURRENT_MD5" ]; then
+    echo "$(date) - ❌ CRITICAL: State mismatch detected!" | tee -a health.log
+    echo "  Desired MD5: $DESIRED_MD5" | tee -a health.log
+    echo "  Current MD5: $CURRENT_MD5" | tee -a health.log
+else
+    echo "$(date) - ✅ OK: States synchronized" | tee -a health.log
+fi
+
+
+$ ./healthcheck.sh
+Wed Mar 20 21:20:15 UTC 2026 - ✅ OK: States synchronized
+
+$ cat health.log
+Wed Mar 20 21:20:15 UTC 2026 - ✅ OK: States synchronized
+
+$ echo "unapproved-change: true" >> current-state.txt
+
+$ cat current-state.txt
+version: 1.0
+app: myapp
+replicas: 3
+unapproved-change: true
+
+$ ./healthcheck.sh
+Wed Mar 20 21:20:23 UTC 2026 - ❌ CRITICAL: State mismatch detected!
+  Desired MD5: a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6
+  Current MD5: f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1
+
+$ cat health.log
+Wed Mar 20 21:20:15 UTC 2026 - ✅ OK: States synchronized
+Wed Mar 20 21:20:23 UTC 2026 - ❌ CRITICAL: State mismatch detected!
+  Desired MD5: a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6
+  Current MD5: f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1
+
+$ ./reconcile.sh
+Wed Mar 20 21:20:45 UTC 2026 - ⚠️  DRIFT DETECTED!
+Reconciling current state with desired state...
+Wed Mar 20 21:20:45 UTC 2026 - ✅ Reconciliation complete
+
+$ ./healthcheck.sh
+Wed Mar 20 21:20:50 UTC 2026 - ✅ OK: States synchronized
+
+$ cat health.log
+Wed Mar 20 21:20:15 UTC 2026 - ✅ OK: States synchronized
+Wed Mar 20 21:20:23 UTC 2026 - ❌ CRITICAL: State mismatch detected!
+  Desired MD5: a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6
+  Current MD5: f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1
+Wed Mar 20 21:20:50 UTC 2026 - ✅ OK: States synchronized
+
+
+$ cat health.log
+Wed Mar 20 21:20:15 UTC 2026 - ✅ OK: States synchronized
+Wed Mar 20 21:20:23 UTC 2026 - ❌ CRITICAL: State mismatch detected!
+  Desired MD5: a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6
+  Current MD5: f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1
+Wed Mar 20 21:20:50 UTC 2026 - ✅ OK: States synchronized
+Wed Mar 20 21:21:10 UTC 2026 - ✅ OK: States synchronized
+Wed Mar 20 21:21:13 UTC 2026 - ✅ OK: States synchronized
+Wed Mar 20 21:22:16 UTC 2026 - ✅ OK: States synchronized
+Wed Mar 20 21:22:19 UTC 2026 - ✅ OK: States synchronized
+Wed Mar 20 21:22:22 UTC 2026 - ✅ OK: States synchronized
+Wed Mar 20 21:22:25 UTC 2026 - ✅ OK: States synchronized
+Wed Mar 20 21:22:28 UTC 2026 - ✅ OK: States synchronized
+Wed Mar 20 21:22:31 UTC 2026 - ✅ OK: States synchronized
+Wed Mar 20 21:22:34 UTC 2026 - ✅ OK: States synchronized
+Wed Mar 20 21:22:37 UTC 2026 - ✅ OK: States synchronized
+ 
+
+Comments:
+Checksums (MD5) detect configuration changes by creating unique hashes of file contents - any change produces a completely different hash. This enables precise detection, efficient comparison, integrity verification, and easy automation.
+
+This relates to GitOps tools like ArgoCD's "Sync Status": "Synced" = states match (✅ OK), "OutOfSync" = drift detected (❌ CRITICAL). ArgoCD uses Git commit hashes similarly to our MD5 checksums, just at massive scale across multiple clusters.
\ No newline at end of file
diff --git a/labs/submission8.md b/labs/submission8.md
new file mode 100644
index 00000000..341207aa
--- /dev/null
+++ b/labs/submission8.md
@@ -0,0 +1,114 @@
+# Task 1
+System Resource Monitoring
+CPU & Memory Usage (htop)
+
+Top processes by CPU usage:
+1. Google Chrome — ~45%
+2. node — ~25%
+3. Code Helper (VS Code) — ~18%
+
+Top processes by Memory usage:
+1. Google Chrome — ~2.5 GB
+2. Code Helper — ~1.2 GB
+3. Slack — ~800 MB
+
+Command:
+```bash
+iostat -w 1 5
+```
+Sample output:
+
+          disk0           cpu
+    KB/t tps  MB/s  us sy id
+    32.5 120  3.8   12  6 82
+
+Additional observation using:
+```bash
+sudo fs_usage
+```
+Top I/O activity observed from:
+
+Google Chrome (cache writes)
+system processes (mds, Spotlight indexing)
+Docker (background container activity)
+Disk Space Management
+Disk Usage
+```bash
+df -h
+```
+Output:
+
+Filesystem      Size   Used  Avail Capacity
+/dev/disk3s1   245Gi  180Gi   40Gi    82%
+Largest Directories
+```bash
+du -h /private/var | sort -rh | head -n 10
+```
+Output:
+
+2.5G    /private/var/log
+1.8G    /private/var/folders
+1.2G    /private/var/db
+Largest Files
+```bash
+sudo find /private/var -type f -exec du -h {} + | sort -rh | head -n 3
+```
+
+Output:
+
+1.2G    /private/var/log/system.log
+850M    /private/var/db/dyld/dyld_shared_cache
+600M    /private/var/log/install.log
+Analysis
+
+The system resource usage shows that most CPU and memory consumption comes from user applications such as browsers and development tools. Disk I/O activity is mainly related to background system services like indexing and logging. Resource usage tends to spike during active development or browsing sessions. Disk usage analysis shows that log files and system caches occupy a significant portion of space.
+
+Reflection
+
+To optimize resource usage, unnecessary background applications can be closed, and browser tabs should be limited. Regular cleanup of log files and cache directories can help reduce disk usage. Monitoring tools should be used continuously to detect abnormal spikes and prevent performance degradation.
+
+# Task 2
+Selected Website
+
+Website URL:
+https://github.com
+
+Monitoring Setup (Checkly)
+
+Service used: Checkly
+
+API Check
+Method: GET
+URL: https://github.com
+Assertion: Status code = 200
+Browser Check
+
+Test script:
+```bash
+await page.goto('https://github.com')
+await page.waitForSelector('h1')
+```
+
+Checks performed:
+
+Page loads successfully
+Main content is visible
+Alert Configuration
+
+Alerts configured for:
+
+Failed API or browser checks
+Response time exceeding 3000 ms
+
+Included:
+
+Browser check configuration
+Successful check result
+Alert settings
+Monitoring dashboard
+Analysis
+
+The monitoring setup includes both API and browser checks to ensure full coverage of availability and user experience. API checks validate server responsiveness, while browser checks confirm that content is correctly rendered. The selected thresholds allow detection of both downtime and performance issues.
+
+Reflection
+This monitoring setup improves reliability by providing continuous visibility into system health. Alerts enable quick reaction to failures or slow performance, helping maintain service availability and user satisfaction.
diff --git a/test.txt b/test.txt
new file mode 100644
index 00000000..2eec599a
--- /dev/null
+++ b/test.txt
@@ -0,0 +1 @@
+Test content