5 Repos
Configuration and permission management for automated workflow environments.
Distinguishing note: Focuses on workflow-specific secrets and permissions.
Explore 5 awesome GitHub repositories matching devops & infrastructure · Workflow Security. Refine with filters or upvote what's useful.
The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral
Configures workflow permissions and secrets to prevent unauthorized access to build environments.
Argo Workflows is a container-native workflow engine that functions as a Kubernetes custom resource controller. It orchestrates complex sequences of containerized tasks by executing them as directed acyclic graphs, allowing for dependency management and parallel processing within a cluster. The system extends the native Kubernetes control plane to manage the full lifecycle of automated processes, from initial triggering to final resource cleanup. The platform distinguishes itself through its controller-pattern reconciliation, which continuously monitors workflow states to align them with desi
Enforces authentication and authorization protocols to restrict management and execution capabilities to verified users and service accounts.
Elsa Core is a workflow engine framework designed for defining, executing, and managing long-running business processes. It functions as a distributed workflow orchestrator and event-driven trigger system, capable of operating as a multi-tenant platform with secure data isolation. The project distinguishes itself through a flexible approach to workflow definitions, supporting a visual drag-and-drop designer, programmatic C# definitions, and portable JSON specifications. It provides a highly extensible architecture allowing for the development of custom activities and the use of a dynamic expr
Controls access to the visual designer and runtime using authentication schemes and authorization policies.
This project is an orchestration tool for establishing interactive debug sessions within automation pipelines. It functions as a GitHub Action that opens an interactive SSH or web-based shell session, providing a remote access utility for real-time system interaction and troubleshooting during continuous integration execution. The tool supports conditional debugging workflows, allowing interactive shells to be triggered only upon manual request or the failure of previous automation steps. It also enables detached debugging modes to start background sessions that provide connection details wit
Manages authorized keys and private relays to safely access automation environments without public exposure.
gh-aw is a GitHub automation platform and orchestration framework that uses an agentic workflow engine to automate repository management and code reviews. It translates natural language markdown and configuration files into secure, automated task sequences driven by large language models. The system integrates a Model Context Protocol gateway to route calls between AI agents and external tools. It distinguishes itself through a comprehensive security guardrail system that provides sandboxed execution for protocol servers, network egress controls via domain allowlists, and human-in-the-loop ap
Transforms markdown source files into locked configuration files to ensure secure execution within delivery pipelines.