11 repository-uri
Utilities and frameworks designed for building scalable applications in cloud environments.
Distinguishing note: No candidates provided; this is a broad domain-level capability.
Explore 11 awesome GitHub repositories matching devops & infrastructure · Cloud Native Development Tools. Refine with filters or upvote what's useful.
This project serves as a technical educational resource and software implementation example focused on dependency injection architecture and containerized application packaging. It provides a centralized framework for managing the lifecycle and configuration of application components, allowing objects to receive their dependencies from a registry rather than creating them internally. The project distinguishes itself by offering a type-safe service resolution mechanism that uses language-level information to map abstract interfaces to concrete implementations. By utilizing an inversion of cont
Supports building and running scalable applications in modern cloud environments.
Dagger is a programmable CI/CD engine and containerized task runner designed to orchestrate build and test pipelines. It functions as an incremental build system that manages containers, filesystems, and secrets through a typed API to ensure consistent execution across local and cloud environments. The engine utilizes a language-agnostic client-server API to allow multi-language pipeline orchestration, enabling the sharing of typed artifacts and state across different SDKs without manual serialization. It optimizes execution through content-addressable caching and a directed acyclic graph to
Provides a typed API for managing container images, secrets, and networked services to streamline the software delivery lifecycle.
This project serves as a comprehensive directory of open-source libraries, tools, and technical documentation designed for building and managing infrastructure on the Amazon Web Services platform. It functions as a centralized knowledge base, aggregating software development kits, command-line utilities, and editor extensions to assist developers in cloud-native application development. The directory distinguishes itself through a categorical taxonomy that organizes disparate technical resources into a structured hierarchy. It incorporates community-driven metadata aggregation and automated m
Aggregates development kits and utilities to assist in building cloud-native applications.
This project is a unified, cloud-native policy engine designed to decouple authorization and security logic from application codebases. It functions as a centralized authorization service that evaluates structured input data against declarative rules, enabling consistent policy enforcement across microservices, infrastructure, and continuous integration pipelines. The engine utilizes a specialized logic programming language to express complex constraints, which are compiled into an optimized intermediate representation for high-performance evaluation. By supporting both sidecar-based deployme
Enforces security and operational standards across infrastructure, microservices, and CI/CD pipelines in cloud-native environments.
jetson-inference is a set of libraries and tools for executing optimized deep learning models on embedded GPU hardware. Its primary purpose is to enable real-time computer vision and AI inference at the edge with low latency and high throughput. The project distinguishes itself through high-performance streaming analytics and the ability to execute concurrent AI pipelines on auto-grade silicon. It provides specialized support for multi-sensor stream processing, utilizing zero-copy data transport to load camera frames directly into GPU memory. The codebase covers a broad surface of capabiliti
Employs containers, Kubernetes, and microservices to create scalable AI applications bridging cloud and edge.
Kyverno is a Kubernetes policy engine and cloud native governance tool. It functions as a policy-as-code framework that validates, mutates, and generates resources to enforce security and governance standards within a cluster. The project distinguishes itself through a declarative policy model that utilizes native Kubernetes custom resource definitions, allowing policies to be managed as standard cluster objects without custom code. It provides specific security capabilities for container image verification and signature validation to ensure only trusted images are deployed. Its broader capa
Provides a portable engine for enforcing security and operational standards via validation, mutation, and generation of resources.
tfsec is a static analysis tool and security scanner for infrastructure as code, specifically designed to detect misconfigurations and compliance violations in Terraform and cloud infrastructure definitions before deployment. It functions as a cloud security policy engine that identifies vulnerabilities across multiple cloud platforms. The tool provides capabilities for cloud compliance auditing and scanning of Cloud Development Kit code. It supports custom security policy enforcement and allows for the definition of organization-specific security requirements. The scanner includes features
Enforces security best practices and operational standards across multiple cloud-native environments using a policy engine.
Cloud Custodian is a multi-cloud governance engine and policy enforcement tool designed to automate security, compliance, and cost optimization across various cloud providers. It functions as a rules engine that uses a declarative domain specific language to query cloud resources and execute corrective actions based on predefined filters. The system operates as a serverless policy orchestrator, deploying provider-specific functions to trigger real-time enforcement in response to cloud resource changes. It provides a provider-agnostic resource abstraction to maintain consistent operational pol
Utilizes a declarative YAML-based domain specific language to define resource filters and corrective governance actions.
Cloud Custodian is an open-source rules engine that uses declarative YAML policies to query, filter, and take automated actions on cloud resources for governance and compliance. It functions as a stateless policy execution engine, where each policy evaluation runs as an independent, idempotent operation without maintaining internal state between runs. Policies are defined using a YAML-based domain-specific language that structures rules as a query-filter-action pipeline. The engine supports dry-run validation, allowing users to simulate policy actions against live resources without applying c
A policy engine that defines cloud resource management rules in YAML, enabling querying, filtering, and automated actions across accounts.
Goss este un instrument de validare a infrastructurii și un framework de testare utilizat pentru a verifica dacă starea curentă a unui server corespunde unei configurații dorite. Compară output-ul sistemului live cu specificațiile YAML sau JSON pentru a valida componente precum pachete, servicii, utilizatori și porturi de rețea. Instrumentul permite generarea automatizată a specificațiilor de testare prin capturarea stării existente a unui sistem. Suportă medii de implementare diverse prin utilizarea de template-uri dinamice și fișiere de variabile. Dincolo de validarea la un moment dat, framework-ul poate executa teste cu reîncercare care interoghează convergența stării până la atingerea unui timeout. Oferă observabilitate prin expunerea rezultatelor validării prin endpoint-uri de sănătate HTTP și exportul rezultatelor în formate standard pentru integrarea cu instrumente de monitorizare externe.
Utilizes a declarative YAML-based specification to query and validate the state of server packages, services, and ports.
Cerbos is an open-source authorization service that provides a centralized, language-agnostic engine for managing access control. It functions as a policy-as-code platform, allowing teams to define, test, and distribute authorization rules using declarative YAML or JSON configurations. By decoupling access logic from application code, it enables consistent permission enforcement across diverse service stacks. The project distinguishes itself through its ability to translate high-level authorization policies into native database query filters. This capability allows applications to enforce sec
Supports querying and retrieving specific policy and schema definitions with filtering, sorting, and output formatting.