Skip to main content
These labs provide a progressive, practical introduction to Kosli’s core features. You’ll learn how to track your software delivery process from build through deployment, establish compliance requirements, and maintain complete visibility into your software supply chain. Each lab builds on the previous one — complete them in order.
Want something shorter first? Try Kosli locally is a 10-minute Docker-based demo that requires no GitHub account or CI pipeline.
Prerequisites: A GitHub account, basic familiarity with Git and CI/CD concepts. No prior Kosli experience required.

Lab 1: Get Ready

Create a Kosli account, fork the sample repository, and verify the CI/CD pipeline runs successfully.

Lab 2: Flows and Trails

Install the Kosli CLI, create Flows and Trails, and integrate them into your GitHub Actions workflow.

Lab 3: Build Controls

Attest artifacts, attach JUnit test results, and generate and attest a Software Bill of Materials.

Lab 4: Release Controls

Define compliance requirements with Flow Templates and gate deployments with kosli assert artifact.

Lab 5: Runtime Controls

Create environments, snapshot what’s running in production, and enforce compliance policies.
The labs use a sample Java application with a pre-built GitHub Actions pipeline. You’ll progressively add Kosli integration to that pipeline across Labs 2–5.
The standalone lab repository is also available at github.com/kosli-dev/labs.
Last modified on March 26, 2026