Stars
Code signing and transparency for containers and binaries
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).
octant plugin for kubernetes policy report
Home of the Hierarchical Namespace Controller (HNC). Adds hierarchical policies and delegated creation to Kubernetes namespaces for improved in-cluster multitenancy.
Monitoring and Observability Tool for the PolicyReport CRD with an optional UI.
GitHub star history and stats - based on JavaScript only!
Kyverno policies for security and best practices
A best practices guide for day 2 operations, including operational excellence, security, reliability, performance efficiency, and cost optimization.
This is the public roadmap for AWS container services (ECS, ECR, Fargate, and EKS).
A place for policy work group related proposals and prototypes.
Production-Grade Container Scheduling and Management
A working place for multi-tenancy related proposals and prototypes.
This project contains tools to facilitate the deployment of Apache ZooKeeper on Kubernetes.
Distributed, in-memory key/value store and cache. It can be used as an embedded Go library and a language-independent service.
⚡️ A dev tool for microservice developers to run local applications and/or forward others from/to Kubernetes SSH or TCP
OCR using Python, Tesseract and OpenCV in a Docker container
Dockerfile for the OpenJDK11 Alpine Linux builds: http://jdk.java.net/11/