24 مستودعات
The ability to execute shell commands and binaries within a controlled container environment during a build.
Distinct from Host-to-Container Execution: Shortlist candidates focus on host-to-container or non-root specifically; this is the general build-time execution capability.
Explore 24 awesome GitHub repositories matching devops & infrastructure · Container Command Execution. Refine with filters or upvote what's useful.
Buildkit is a programmable container build toolkit and OCI container image builder that converts build definitions into concurrent dependency graphs for image construction. It functions as an OCI image distribution engine, capable of generating container images and exporting artifacts to local storage or remote registries. The project is distinguished by its use of a low-level binary intermediate representation to decouple high-level build languages from the execution engine. It supports multi-platform image builds through user-mode architecture emulation and provides a distributed build cach
Executes build commands inside containers with custom arguments, environment variables, and user permissions.
pkgx is a cross-platform tool orchestrator and portable package runner that enables the execution of specific software versions without requiring permanent installation on the host system. It functions as a multi-ecosystem package wrapper, providing a unified interface to launch tools and managers from various language ecosystems. The project serves as an ephemeral environment provider and script dependency manager, allowing users to declare and automatically inject required software versions into scripts via a shebang line. This allows for the bootstrapping of temporary shells and containers
Executes software tools within container environments to ensure complete isolation from the host operating system.
Cog is a machine learning packaging tool and containerized model wrapper that bundles models and their dependencies into standardized Docker containers. It functions as an environment manager and inference server, ensuring consistent model execution across different hardware systems by resolving GPU drivers, system libraries, and Python dependencies. The project distinguishes itself by automatically generating RESTful HTTP servers and OpenAPI schemas based on defined model input and output types. It manages large model weights as external fixtures to optimize image size and utilizes a slot-ba
Enables the execution of arbitrary shell commands and interactive shells within a controlled container environment.
Phusion/baseimage-docker is a minimal Ubuntu-based Docker base image that includes a proper init system for managing multiple services and processes inside a single container. It provides a lightweight init process that reaps zombie processes, forwards stop signals for graceful shutdown, and supervises daemons through runit, restarting them automatically if they crash. The image includes a preconfigured OpenSSH server restricted to public-key authentication for secure shell access to running containers, along with a cron daemon for scheduling recurring tasks. It supports ordered startup scrip
Executes a single command inside a new container after starting all system services and process supervisors.
Buildah is a daemonless container tool used for building and managing OCI-compliant container images. It functions as a command line utility that creates and modifies images without requiring a background process or root privileges. The tool transforms Dockerfile instructions into standard images and allows for the generation of images by committing the state of a running container. It supports the creation of images from scratch or base images, ensuring that all output adheres to Open Container Initiative specifications for portability. Beyond image construction, it provides capabilities fo
Allows running processes inside a working container to install software or modify environment state during a build.
Testcontainers for Java is a library for launching and managing disposable Docker containers to provide isolated dependencies for automated tests. It provides specialized provisioners for containerized databases, a manager for WebDriver browser containers, and an orchestrator for deploying multi-container applications via Docker Compose. The project ensures reproducible data states through database schema initialization and provides integration with JUnit to manage the lifecycle of external services. It supports automated browser testing by launching Selenium containers with the ability to re
Provides a mechanism to run arbitrary shell commands inside a running container via the Docker exec API.
Mamba is a package manager for scientific and data science workflows that implements a high-performance dependency solver in C++. It uses a SAT-based resolution model and a specialized library for metadata processing to calculate compatible package versions across different operating systems. The project provides a standalone executable runtime, allowing the creation of isolated package environments without requiring a pre-existing system installation. It ensures reproducible environment setup by utilizing lock files to pin exact package versions and channels. The system supports containeriz
Executes installation and runtime commands within pre-configured container images to prevent host system contamination.
Concourse is a container-based continuous integration and delivery platform that functions as a distributed build system. It operates as a declarative pipeline orchestrator, using a central controller and multiple worker nodes to execute concurrent tasks within isolated containers. The system distinguishes itself by executing every build step in a separate container to ensure environment consistency and by defining software delivery sequences through portable, versionable configuration files. It provides a web-based pipeline visualizer to display the real-time status and progress of automated
Executes every build step inside a fresh, isolated container to ensure environment consistency.
Youki is a low-level container runtime written in Rust that creates and manages isolated containers according to Open Container Initiative specifications. It serves as an execution engine that can function as a rootless container manager or a pluggable Kubernetes CRI runtime to manage pods and containers within a cluster. The project distinguishes itself by providing a Wasm container runtime capable of executing WebAssembly modules as isolated workloads compatible with standard orchestration tools. It further supports a rootless execution model, allowing isolated environments to start as non-
Runs containers and pods using compatible sandboxes to isolate processes and manage hardware resources.
This project is a collection of curated and standardized Docker base images that serve as reliable starting points for building containerized applications. It functions as an OCI container image repository and a build template library, providing a central source of truth for images that adhere to Open Container Initiative standards for portability. The project utilizes an automated image lifecycle pipeline to build, tag, and push images, ensuring that dependencies remain current and security patches are applied. It specifically supports cross-platform distribution by providing a multi-archite
Executes shell commands and binaries within a controlled environment to create new image layers during builds.
Osmedeus is a security workflow orchestration engine that coordinates AI agents, shell commands, and scanning tools through declarative YAML pipelines. It functions as a distributed security scanner, a declarative workflow automator, and an AI agent framework for security, enabling automated multi-step security analysis with conditional branching, parallel execution, and distributed workers. The engine distinguishes itself through a hybrid runner model that executes workflow steps on the local host, inside Docker containers, or over SSH to remote machines, selected per step or module. It supp
Runs commands inside a Docker container, supporting both ephemeral and persistent execution modes.
CRI-O is an open-source container runtime that implements the Kubernetes Container Runtime Interface (CRI) to manage container images, pods, and containers on cluster nodes using OCI-compatible runtimes. It serves as a node-level container manager that handles image pulling, container lifecycle, and resource monitoring for Kubernetes clusters, running containers according to the Open Container Initiative specifications. The runtime distinguishes itself through live configuration reloading that applies changes to runtime definitions, registry mirrors, and TLS certificates without restarting th
Runs arbitrary commands inside a running container via the exec interface, enabling debugging and administrative tasks.
Incus is a unified orchestration platform for managing system containers, OCI application containers, and virtual machines through a single control plane. It brings together cluster infrastructure management, secure multi-tenancy, software-defined networking, and pluggable storage backend orchestration into one cohesive system exposed via a full REST API and command-line interface. What distinguishes Incus is its ability to run multiple instance types side by side—full Linux system containers, OCI application containers, and QEMU virtual machines—all managed with consistent tooling. Networkin
Runs commands inside running containers or virtual machines via the client, enabling shell access without network connectivity.
هذا المشروع عبارة عن منسق مساحة عمل قائم على الحاويات ومعيار لتحديد بيئات التطوير باستخدام Docker. يوفر آلية لأتمتة بناء وتشغيل وإدارة سلاسل الأدوات المعزولة، مما يضمن فصل تبعيات البرامج وأوقات التشغيل عن نظام المضيف المحلي. يُمكّن النظام من توزيع تعريفات البيئة، وإعدادات المحرر، وتكوينات سلسلة الأدوات عبر التحكم في المصدر. يضمن هذا قابلية النقل والتوحيد القياسي عبر الفرق، مما يسمح للمساهمين بإنشاء مساحات عمل متطابقة على أجهزة مختلفة. كما يدعم تطوير الحاويات عن بُعد عن طريق توصيل محرر محلي بمحركات Docker المستضافة على خوادم بعيدة. تغطي مجموعة الأدوات توفير مساحة العمل من خلال ملفات Dockerfiles وملفات التكوين المخصصة، إلى جانب إدارة دورة الحياة لبدء وإيقاف وإرفاق الحاويات. تتضمن قدرات لتركيب المجلدات المحلية في وحدات تخزين معزولة، وإعادة توجيه منافذ الشبكة إلى المضيف، وتنفيذ إضافات المحرر مباشرة داخل البيئة المعبأة في حاويات. توفر الأداة أدوات سطر أوامر لبناء صور الحاويات، وتنسيق بدء تشغيل البيئة، وتنفيذ الأوامر عن بُعد.
Executes specific processes or scripts inside a running container from an external terminal.
Zinit is a Zsh plugin manager designed for downloading, loading, and updating extensions and snippets for the Z shell. It functions as a performance optimizer, a shell binary installer, and a completion manager, providing a framework for shell lifecycle automation and the registration of tab completion definitions. The project distinguishes itself through advanced startup optimization, utilizing bytecode compilation, configuration caching, and deferred loading to reduce shell boot times. It further differentiates its plugin execution model by supporting the sourcing of individual remote code
Runs custom shell commands, makefiles, or configure scripts immediately after cloning or updating a plugin.
Veewee is a framework for automating the generation and packaging of custom virtual machine images across multiple hypervisors. It serves as a virtual machine image builder, OS installation automator, and image converter capable of producing configured images for KVM, Vagrant, and VMware. The tool differentiates itself by using remote desktop keystroke injection to simulate keyboard inputs directly into the guest machine buffer, automating installations that typically require manual interaction. It further enables the creation of custom base boxes and portable image formats through a multi-pr
Executes a sequential series of shell scripts inside a guest VM after the primary OS installation is complete.
Baserow is a self-hosted, no-code relational database platform built on PostgreSQL. It provides a spreadsheet-like interface for structuring and managing data without writing code, while exposing all database resources via a REST API to support headless architectures. The platform distinguishes itself by integrating large language models and embedding servers to power AI assistants and automated data generation. It further extends its utility as a no-code application builder, allowing users to create custom internal portals, dashboards, and business tools using visual logic and managed data.
Enables the execution of administrative database operations via a CLI on live containers.
dpanel is a web-based Docker management interface and remote server manager. It serves as a container lifecycle tool and orchestrator for deploying multi-container applications using Docker Compose configuration files and application stores. The project distinguishes itself as a central management console capable of controlling containers across multiple remote servers via API or SSH connections. It includes an integrated host filesystem browser for accessing files and folders on remote machines via SSH and SFTP. The platform covers container image workflows, including building custom images
Automates periodic container operations by mapping predefined configuration templates to trigger intervals.
Ofelia is a recurring job scheduler designed to run commands inside Docker containers or directly on the host system using a defined timetable. It functions as a configuration engine that reads job schedules and commands from container labels, a concurrency guard to prevent overlapping task executions, and a log router for reporting job outcomes. The system distinguishes itself by using a label-based configuration model, allowing job schedules and execution logic to be defined within container metadata rather than external configuration files. It employs a lock-based concurrency control mecha
Provides a system for automating recurring commands inside Docker containers using a defined timetable.
mini-swe-agent is an autonomous software engineering system designed to develop features and fix bugs by combining large language models with a bash interface. It operates as an agentic framework that executes coding tasks and documentation updates through a continuous cycle of model reasoning and tool execution. The project differentiates itself with a strong focus on safety and evaluation, utilizing container-based sandbox execution via Docker or Singularity to isolate command execution. It includes a batch-parallel evaluation harness to measure code-fixing accuracy against standardized sof
Enables the execution of shell commands inside Singularity containers using writable sandboxes.