11 dépôts
Mechanisms for managing administrative access to deployed infrastructure environments.
Distinguishing note: Focuses on post-deployment access management rather than general security.
Explore 11 awesome GitHub repositories matching devops & infrastructure · Deployment Access Controls. Refine with filters or upvote what's useful.
Dify is an open-source platform for building, orchestrating, and deploying generative AI applications and autonomous agents. It provides a visual development environment that allows users to design complex, multi-step logic chains and conversational flows, which can then be published as APIs, web interfaces, or embedded widgets. The platform acts as a centralized infrastructure layer, managing model connections, prompt templates, and knowledge retrieval to support scalable AI-powered services. What distinguishes the platform is its focus on stateful application design and workflow orchestrati
Initializes administrator accounts and enables immediate access to the web interface locally or on a remote server.
FastMCP is a Python framework designed for building servers that expose functions, resources, and prompts to AI models using the Model Context Protocol. It simplifies the development process by automatically deriving tool metadata, input schemas, and documentation directly from Python function signatures and type hints. The framework provides a unified container for managing these components, allowing developers to build modular applications that integrate seamlessly with AI assistants. The project distinguishes itself through its support for interactive, server-defined user interface compone
Defines runtime execution parameters including protocols, network interfaces, and logging levels.
Cube is a semantic data layer that provides a unified framework for defining business metrics, dimensions, and relationships across diverse data sources. By acting as a headless business intelligence engine, it transforms raw data into a governed model that can be queried via SQL, REST, and GraphQL interfaces. This architecture ensures consistent data definitions and logic across all downstream analytical applications and reporting tools. The platform distinguishes itself through its integrated conversational AI capabilities, which allow users to explore data using natural language. It orches
Provides temporary authentication credentials for secure programmatic interaction with deployment management and data services.
Semaphore is a web interface and API for running and scheduling Ansible playbooks and other infrastructure automation tools. It serves as an infrastructure automation dashboard and DevOps task scheduler for orchestrating deployments. The platform functions as a multi-tool automation hub, providing a centralized dashboard for managing infrastructure as code using Ansible, Terraform, OpenTofu, and Terragrunt. It includes an inventory management tool for organizing target servers and containers, alongside a secret management service for storing sensitive environment variables required during exe
Controls user permissions for interacting with and executing jobs within the deployment system.
This project is an Android password manager application that provides an end-to-end encrypted vault for storing and synchronizing login credentials, secure notes, and identities. It functions as a secure storage system using zero-knowledge encryption to ensure that only the user can decrypt their stored data. The application integrates directly with the Android system to provide an autofill service that populates usernames and passwords into mobile apps and browser login fields. It also serves as a passkey management wallet for FIDO2 cryptographic passkeys and a time-based one-time password a
Provides scoped access tokens for machines and AI tools to replace plaintext credentials in automated workflows.
This project provides a comprehensive guide and set of scripts for deploying and configuring a production-ready Kubernetes cluster from scratch. It centers on establishing a functional environment by installing core management components, storage, and networking across multiple nodes. The implementation emphasizes high availability for the control plane, utilizing layer-4 load balancing and leader election for the API server, scheduler, and controller manager. It further ensures reliability through the deployment of a distributed key-value store for persistent runtime data. The project cover
Creates service accounts and secrets for secure authentication to the management dashboard.
ZenML is an orchestration platform designed for building, deploying, and monitoring reproducible machine learning pipelines and agentic workflows. It provides a unified framework that manages the entire lifecycle of machine learning assets, from data processing and model training to the deployment of persistent inference services. By decoupling pipeline logic from underlying compute and storage, the platform enables teams to transition workflows seamlessly from local development environments to production-grade cloud infrastructure. The platform distinguishes itself through a service-oriented
Issues short-lived bearer tokens for authenticated sessions to authorize programmatic HTTP requests.
This project is a GitHub Action designed to automate the deployment of static files and generated sites to GitHub Pages. It functions as a deployment tool that pushes build artifacts from a workflow to a remote Git repository branch for web hosting. The tool supports publishing to external repositories, enabling a private-to-public workflow to keep source code hidden. It also provides compatibility with GitHub Enterprise Server instances for deployments within private corporate environments. Core capabilities include managing the hosting branch through the creation of orphan branches to remo
Verifies identity using runner tokens, SSH deploy keys, or personal access tokens to manage repository access.
This project is a web application security standard and vulnerability framework. It provides a comprehensive list of the most critical security risks facing web applications, paired with technical guidance and a structured methodology for identifying and mitigating these flaws. The framework functions as a secure coding guide and a risk assessment methodology, offering a standardized approach to prioritizing vulnerabilities based on their potential impact and likelihood of exploitation. It defines architectural patterns and technical recommendations to help developers implement defense in dep
Provides guidelines for applying segregation and access controls to the deployment process to prevent unauthorized modifications.
This repository is a comprehensive sample library providing reference implementations for automating tasks and extending functionality across Google Workspace applications. It serves as a collection of code examples and templates for building workspace automation scripts, custom add-ons, and integrated productivity tools. The project distinguishes itself by providing specialized examples for integrating large language models into productivity tools for content generation and data analysis. It also includes reference implementations for creating conversational chat apps, interactive cards, and
Manages granular identity and access permissions for script deployments for users and service accounts.
This is a GitHub Action designed to automate the deployment of production assets to GitHub Pages or other external repositories. It functions as a CI/CD deployment tool and Git branch synchronizer that mirrors a local directory of build artifacts to a remote branch. The tool distinguishes itself by performing difference-based file pruning, which removes stale files from the destination branch that no longer exist in the source folder. It also supports cross-project workflows by allowing deployments to external repositories using personal access tokens or SSH keys. The action covers broad cap
Uses personal access tokens and SSH keys to grant write access to target deployment repositories.