Amazon Project Kuiper — HITL CI/CD & Secure Code‑Signing

• Team: Kuiper SDE internship (May–Aug 2025), Seattle.
• Constraints: HITL devices, reproducibility, and security requirements.

• Manual HITL testing was slow and error‑prone; security‑sensitive artifacts required trusted signing.

• CI/CD pipeline architecture for automated HITL runs.
• Python + pytest for diagnostics, log parsing, HTML reporting.
• Infra with AWS CDK; containerized (Docker) for reproducibility.
• Designed secure code‑signing framework (high‑level only; no secrets, no internal details).

• Containerized test harness for reproducible device interactions.
• Separation of duties for signing keys vs. build system (principle of least privilege).
• HTML reports for human‑friendly summaries; raw logs archived.

• Automated HITL runs eliminated manual steps and accelerated the dev loop.

Show small, generic snippets (pytest fixtures, parsing helpers) that don’t reveal proprietary APIs.

• Parallelize device pools; add flaky‑test quarantine lanes.
• SBOM + attestations integrated into signing pipeline (SLSA‑style).

• Public write‑ups (if any in the future); otherwise omit links for NDA‑bound work.