Declarative K8s e2e testing

The Compliance Validator

Code signing and transparency for containers and binaries

Cloud Native Policy Management

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).

octant plugin for kubernetes policy report

Home of the Hierarchical Namespace Controller (HNC). Adds hierarchical policies and delegated creation to Kubernetes namespaces for improved in-cluster multitenancy.

Monitoring and Observability Tool for the PolicyReport CRD with an optional UI.

GitHub star history and stats - based on JavaScript only!

Kyverno policies for security and best practices

Kubernetes Native, Runtime Container Image Scanning

A best practices guide for day 2 operations, including operational excellence, security, reliability, performance efficiency, and cost optimization.

This is the public roadmap for AWS container services (ECS, ECR, Fargate, and EKS).

Nirmata Terraform Provider

A place for policy work group related proposals and prototypes.

Virtual-kubelet provider running pods in cloud instances

Nirmata Go Client Library

Production-Grade Container Scheduling and Management

A working place for multi-tenancy related proposals and prototypes.

This project contains tools to facilitate the deployment of Apache ZooKeeper on Kubernetes.

Enable Kubernetes at scale

Distributed, in-memory key/value store and cache. It can be used as an embedded Go library and a language-independent service.

⚡️ A dev tool for microservice developers to run local applications and/or forward others from/to Kubernetes SSH or TCP

Go middlewares for HTTP servers & proxies

OCR using Python, Tesseract and OpenCV in a Docker container

Kafka (and Zookeeper) in Docker

Dockerfile for the OpenJDK11 Alpine Linux builds: http://jdk.java.net/11/