17 Repos
Tools for generating, managing, and optimizing Dockerfile configurations.
Distinguishing note: Focuses on the configuration file itself rather than the resulting image.
Explore 17 awesome GitHub repositories matching devops & infrastructure · Dockerfile Utilities. Refine with filters or upvote what's useful.
This project is a comprehensive, community-driven directory that serves as a centralized discovery hub for the container ecosystem. It functions as a structured knowledge base, aggregating a wide array of software tools, educational materials, and technical resources designed to assist developers and operators in mastering containerization technologies. The repository distinguishes itself through a meticulously organized taxonomy that maps the entire container lifecycle, from initial development and image building to orchestration, security, and infrastructure operations. By curating disparat
Provides utilities for generating and managing Dockerfile configurations.
Deepagents is an LLM agent orchestration platform and stateful application server designed for deploying and managing AI agents built with computational graphs. It provides a containerized runtime environment that handles agent execution, state persistence, and the versioning of AI assistants. The platform distinguishes itself through deep integration with the Model Context Protocol, allowing agents to function as servers that expose tools and capabilities to external clients. It features a sophisticated observability suite for capturing execution traces, performing LLM-based evaluations agai
Automatically translates project configuration into standard Dockerfiles for custom image builds.
This project is a suite of specialized tools for linting, minifying, analyzing, and managing container images and their associated registries. It provides a set of utilities including an image minifier to reduce image size, a security profiler to harden running containers, an image analyzer for static inspection, and a registry manager for organizing multi-architecture indices. The toolset distinguishes itself through behavior-based optimization and security. It uses dynamic analysis to track executed instructions and file access to remove unused binary data, and records kernel interactions t
Analyzes container instructions within Dockerfiles to identify potential issues and suggest quality improvements.
Kaniko is an OCI container image builder that executes Dockerfiles in userspace without requiring a privileged daemon. It is designed as a Kubernetes-native image builder, allowing for the construction and pushing of images to registries from within a cluster or container. The tool ensures reproducible build generation by stripping timestamps from image layers, guaranteeing that identical source inputs produce the same image identifier. It supports multi-architecture image building, allowing for the creation of images compatible with various hardware and operating systems from a single proces
Processes Dockerfile instructions to build images and push results to registries without a background process.
Hadolint is a Dockerfile linter and Haskell-based static analysis tool. It analyzes container image configuration files against a set of rules to ensure valid syntax and adherence to best practices. The tool functions as a wrapper for shell checkers to inspect inline shell commands and scripts within build instructions, identifying scripting errors and bugs. It also includes security auditing capabilities to warn when images are pulled from registries not explicitly listed as trusted. The analysis engine covers quality assurance through label schema validation, syntax pattern verification, a
Checks Dockerfiles for syntax errors and problematic patterns to ensure high quality image construction.
Earthly is a containerized build system and Docker build framework designed for creating reproducible build pipelines. It ensures environment consistency by executing every build step inside an isolated container, combining the isolation of container images with dependency tracking and parallel execution. The system differentiates itself through a focus on hermeticity and multiplatform support, allowing for the generation of container images targeting multiple CPU architectures within a single execution flow. It maintains a hermetic build environment by isolating network access and utilizing
Inherits commands from standard Dockerfiles to incorporate existing image specifications into its build pipelines.
Buildkit is a programmable container build toolkit and OCI container image builder that converts build definitions into concurrent dependency graphs for image construction. It functions as an OCI image distribution engine, capable of generating container images and exporting artifacts to local storage or remote registries. The project is distinguished by its use of a low-level binary intermediate representation to decouple high-level build languages from the execution engine. It supports multi-platform image builds through user-mode architecture emulation and provides a distributed build cach
Converts standard Dockerfile instructions into a low-level binary intermediate representation for precise build execution.
Buildah is a tool for creating OCI-compliant container images without requiring a background daemon process. It functions as a daemonless image constructor and distribution tool, allowing users to build, push, and pull images between local storage and remote registries. The project distinguishes itself by supporting unprivileged image building through the use of user namespaces and rootless mode. It enables direct modification of container root filesystems by mounting them to the host, allowing images to be treated as directories that can be manipulated via standard shell commands or scripts.
Builds container images from standard Dockerfiles without needing a background daemon running on the host system.
This project is a containerized deployment for running Stable Diffusion web interfaces. It provides a portable runtime for generative AI that manages dependencies and hardware acceleration to enable text-to-image generation and image-to-image transformations via a browser-based interface. The system uses hardware-specific image tags to support both GPU-accelerated synthesis and CPU-only execution. It ensures environment isolation across different operating systems while utilizing bind-mount data persistence to keep heavy model weights and generated outputs on the host machine. The deployment
Employs a layered Dockerfile composition to efficiently manage heavy AI dependencies and custom extensions.
Chains multiple image processing functions into sequential stages where each output feeds the next.
Routes textures through shader stages with user-defined hooks to transform visual output.
Imaginary is a self-hosted HTTP server for image processing that applies transformations like resizing, cropping, rotating, and format conversion through URL parameters. It operates as a stateless request-response pipeline, processing images fetched from remote URLs or served from a local directory without requiring client-side dependencies. The server distinguishes itself through its security and access control capabilities, offering optional API key validation, HMAC-signed URL verification, and remote origin whitelisting to restrict which image sources are permitted. It also provides a heal
Chains multiple image transformations in a single request, passing output to input.
Superjson is a lossless JSON serialization library and data transcoder. It converts complex JavaScript and TypeScript data types into strings and metadata to ensure that type identity is preserved during data transfer. The library preserves non-native types such as Dates, Maps, and Sets by splitting values into a JSON-compatible payload and a separate map of type-specific metadata. It utilizes a registry-based mapping system that allows for the definition of custom type handlers to manage third-party data types during serialization and deserialization. This utility supports cross-process dat
Provides utility to build application images using existing Dockerfiles with custom contexts.
The Development Container Specification defines a standardized metadata format and protocol for creating reproducible, containerized development environments that work identically across local machines, remote services, and CI/CD pipelines. At its core, it provides a declarative JSON schema that captures the container image, tools, runtime, lifecycle scripts, and editor customizations for a workspace. This approach treats the development environment as code—version-controlled, shareable, and portable. Key to the specification is a cross-platform provisioning protocol that applies the same con
Supports Dockerfiles and Docker Compose as base definitions alongside the JSON metadata format.
Moon is a monorepo build system and task runner designed to orchestrate complex projects with multiple packages. It functions as a dependency graph orchestrator that executes build targets in topological order and utilizes input hashing to cache results and skip redundant work. The project features a polyglot toolchain manager that automates the installation and versioning of language runtimes and CLI tools to ensure environment consistency. It also includes a plugin framework based on WebAssembly, allowing developers to extend build logic and toolchain behavior using any supported language.
Automatically creates Dockerfiles based on project requirements to simplify the setup of staged builds.
Ikos is a formal verification suite and static analysis framework designed to prove the absence of undefined behaviors and runtime errors in C and C++ source code. It functions as an abstract interpretation tool that approximates program execution to identify potential crashes and software defects. The system utilizes a compiler front-end to translate source code into a specialized abstract representation. This process decouples language parsing from the analysis logic, allowing the framework to perform deep program analysis via a formal verification system. The toolkit covers several analys
Converts source code or bitcode into a specialized abstract representation to simplify the process of program analysis.
This is a command line tool for building and managing isolated development environments based on the Development Container Specification. It functions as an OCI container image builder and a provisioner for instantiating standardized containers within automated continuous integration workflows. The tool includes a system for injecting pre-configured software and toolsets into containers using a registry of reusable installation modules. This allows for the creation of shareable features and the installation of specific languages, CLI tools, and software dependencies. It covers the automation
Supports Dockerfiles and Docker Compose as base definitions alongside JSON metadata for environment customization.