devops
A debugger for your CI pipeline.
Interactive CI pipeline debugger. Step through GitHub Actions workflows locally with Docker. Step through GitHub Actions workflows locally with Docker. Pause before each step, inspect the environment, drop into a shell, modify variables, re-run failed steps — without pushing and waiting.
Browser-based DevOps audit tools. No backend. No signup. Everything runs client-side.
A compiled list of links to public failure stories related to Kubernetes. Most recent publications on top.
Related contents:
Cleaner is a Kubernetes controller that identifies unused or unhealthy resources, helping you maintain a streamlined and efficient Kubernetes cluster. It provides flexible scheduling, label filtering, Lua-based selection criteria, resource removal or update and notifications via Slack, Webex and Discord. it can also automate clusters operations.
Take Back Control of DevOps.
Configuration as data lets you see what will happen before it happens.
Related contents:
66 Specialized Skills for Full-Stack Developers. Transform Claude Code into your expert pair programmer.
Related contents:
Minimal CVE Hardened container image collection.
A collection of production-ready container images with minimal CVEs, rebuilt daily using Chainguard's apko and Wolfi packages. By including only required packages, these images maintain a reduced attack surface and typically have zero or near-zero known vulnerabilities.
Related contents:
Open Source DevOps Control Plane.
Run operational workflows across the tools you already use. Stay in control of releases, incident response, infrastructure provisioning, notifications, disaster recovery, and everything in between. SuperPlane is an open source DevOps control plane for defining and running event-based workflows. It works across the tools you already use such as Git, CI/CD, observability, incident response, infra, and notifications.
Related contents:
the continuous thing-doer.
Concourse is an automation system written in Go. It is most commonly used for CI/CD, and is built to scale to any kind of automation pipeline, from simple to complex.
Concourse is very opinionated about a few things: idempotency, immutability, declarative config, stateless workers, and reproducible builds.
OpenSource compliance CLI for GitLab CI/CD.
Analyze your GitLab CI/CD pipelines for security and compliance: pipeline composition (templates, components, version constraints), container images (mutable tags, trusted registries), and branch protection settings.
Plumber is a compliance scanner for GitLab. It reads your .gitlab-ci.yml and repository settings, then checks for security and compliance issues.
Related contents:
Brakeman Security Scanner. Secure Your Rails Applications
Brakeman is a free vulnerability scanner designed for Ruby on Rails applications. Statically analyze Rails application code to find security issues at any stage of development.
A tool to generate Kubernetes manifests from templates.
A powerful tool for generating ArgoCD Applications and their rendered Kubernetes resources from Helm, Kustomize, and Jinja2 — across multiple environments, at scale.
A terminal-based AWS resource viewer and manager.
taws provides a terminal UI to interact with your AWS resources. The aim of this project is to make it easier to navigate, observe, and manage your AWS infrastructure in the wild. taws continually watches AWS for changes and offers subsequent commands to interact with your observed resources.
Automated tests for your infrastructure code.
Terratest is a Go library that provides patterns and helper functions for testing infrastructure, with 1st-class support for Terraform, Packer, Docker, Kubernetes, AWS, GCP, and more.
Related contents:
pinact is a CLI to edit GitHub Workflow and Composite action files and pin versions of Actions and Reusable Workflows. pinact can also update their versions and verify version annotations.
Elixir ❤️ Embedded
Nerves is an open-source platform that combines the rock-solid BEAM virtual machine and Elixir ecosystem to easily build and deploy production embedded systems.
Related contents:
The one stop semantic release tool.
Nyx is a powerful, flexible and extremely configurable semantic release tool. You can put release management on auto pilot regardless of the kind of project, languages, tools and technologies or you can control any aspect of release management manually. Preset configuration values let you get started in minutes without digging into detailed settings.
Build professional pipelines in minutes.
The goal of this project is to make building a professional CI/CD pipeline as easy as including a couple of GitLab CI templates in your .gitlab-ci.yml file.
Related contents:
Database DevSecOps.
Bytebase is an open-source database DevOps tool, it's the only database CI/CD project included by the CNCF Landscape and Platform Engineering. It offers a web-based collaboration workspace to help DBAs and Developers manage the lifecycle of application database schemas.
Related contents:
The chaos engineering toolkit for developers.
The Chaos Toolkit, or as we love to call it “ctk”, is a simple CLI-driven tool who helps you write and run Chaos Engineering experiment. It supports any target platform you can think of through existing extensions or the ones you write as you need.
Related contents:
2048 game with DevOps practices.
A fully containerized and cloud-native implementation of the classic 2048 game with complete CI/CD pipeline, Kubernetes deployment, and Infrastructure as Code.
One easy way to configure all your workloads. Everywhere.
The Score Specification provides a developer-centric and platform-agnostic Workload specification to improve developer productivity and experience. It eliminates configuration inconsistencies between environments.
Containers and Kubernetes.
The best free and open source tool for developers to work with containers and Kubernetes. Simplify container management, streamline Kubernetes workflows, and transition from local development to production with ease.
Related contents:
Validate database backup files before migration to prevent costly failures.
BackupGuardian is a comprehensive tool for validating database backup files through deep structural analysis and integrity checking. Get confidence in your migrations before they matter.
Deploys a Lambda function.
Updates the code and configuration of AWS Lambda functions as part of GitHub Actions workflow steps. Supports both .zip file archives and container images stored in Amazon ECR.
Related contents:
Cut Your GitHub Actions Bill by 90%.
Self-hosted GitHub Actions runners made simple. For AWS. 10x cheaper, 30% faster, and unlimited caching. Best alternative to Actions Runner Controller.
RunsOn is the modern way to run self-hosted GitHub Actions runners of any size, at the cheapest price available. Think of it as your best alternative to the Actions Runner Controller (ARC) for Kubernetes, the Philips terraform module, or any of the third party providers that require deep access to your code and secrets.
🌊 Interactive CLI tool to update GitHub Actions to latest versions with SHA pinning .
Actions Up scans your workflows and composite actions to discover every referenced GitHub Action, then checks for newer releases.
Interactively upgrade and pin actions to exact commit SHAs for secure, reproducible CI and low-friction maintenance.
Terraform-style, declarative schema migration for Postgres.
pgschema is a CLI tool that brings terraform-style declarative schema migration workflow to Postgres.
The latest DevOps news, tutorials, and guides. Real Guides for Real Engineers.
Practical DevOps tips, tools, and tutorials. No fluff.
Tired of pushing to test your .gitlab-ci.yml?
Run gitlab pipelines locally as shell executor or docker executor. Get rid of all those dev specific shell scripts and make files.
infrastructure made simple with Python.WS for Python devs - made simple.
Build AWS apps in high-level Python with smart defaults. Keep full control when you need it. No YAML, JSON or HSL. No clicking through consoles. No configuration hell.
Stelvio is a Python framework that simplifies AWS cloud infrastructure management and deployment. It lets you define your cloud infrastructure using pure Python, with smart defaults that handle complex configuration automatically.
MCP DigitalOcean Integration is an open-source project that provides a comprehensive interface for managing DigitalOcean resources and performing actions using the DigitalOcean API. Built on top of the godo library and the MCP framework, this project exposes a wide range of tools to simplify cloud infrastructure management.
Related contents:
Validate and Run GitHub Actions locally.
WRKFLW is a powerful command-line tool for validating and executing GitHub Actions workflows locally, without requiring a full GitHub environment. It helps developers test their workflows directly on their machines before pushing changes to GitHub.
Related contents:
Effortlessly run tasks and manage your services on AWS ECS (Elastic Container Service).
RunECS is a cross-platform tool available for macOS, Linux, and Windows.
Ephemeral GitHub Runners with Secure Multi-Tenant Isolation.
ForgeMT is a secure, scalable GitHub Actions runner platform for ephemeral workloads. Designed for multi-tenant environments, it automates isolated runner provisioning on Kubernetes or EC2, with built-in OIDC, IAM, cost optimization, and deep observability.
Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source) .
SlimToolkit allows developers to inspect, optimize and debug their containers using its xray, lint, build, debug, run, images, merge, registry, vulnerability (and other) commands. It simplifies and improves your developer experience building, customizing and using containers. It makes your containers better, smaller and more secure while providing advanced visibility and improved usability working with the original and minified containers.
Cut your dev loop from hours to seconds. The fastest way to deliver code. Connect your local process and your cloud environment, and run local code in cloud conditions.
mirrord lets you run your microservice locally with seamless access to everything in the cloud—speeding up development, improving code quality, and reducing cloud costs.
Related contents:
A Graphical IDE for Kubernetes.
Freelens is a Kubernetes IDE that provides a graphical interface for managing and monitoring Kubernetes clusters. Freelens is maintained by the community.
Freelens is a free and open-source user interface designed for managing Kubernetes clusters. It provides a standalone application compatible with macOS, Windows, and Linux operating systems, making it accessible to a wide range of users. The application aims to simplify the complexities of Kubernetes management by offering an intuitive and user-friendly interface.
Fearless Kubernetes App Updates. Check your Kubernetes manifests before it hits the cluster.
kubechecks allows users of Github and Gitlab to see exactly what their changes will affect on their current ArgoCD deployments, as well as automatically run various conformance test suites prior to merge.
Analyze Azure resources and identify whether they comply with Azure's best practices and recommendations.
Azure Quick Review (azqr) is a powerful command-line interface (CLI) tool that specializes in analyzing Azure resources to ensure compliance with Azure's best practices and recommendations. Its main objective is to offer users a comprehensive overview of their Azure resources, allowing them to easily identify any non-compliant configurations or areas for improvement.
Push docker images directly to remote servers without an external registry.
Unregistry is a lightweight container image registry that stores and serves images directly from your Docker daemon's storage.
The included docker pussh command (extra 's' for SSH) lets you push images straight to remote Docker servers over SSH. It transfers only the missing layers, making it fast and efficient.
zizmor is a static analysis tool for GitHub Actions. It can find many common security issues in typical GitHub Actions CI/CD setups.
Related contents:
Kubernetes distribution for bare-metal, on-prem, edge, IoT.
k0s is the simple, solid & certified Kubernetes distribution that works on any infrastructure: bare-metal, on-premises, edge, IoT, public & private clouds. It's 100% open source & free.
Related contents:
Free labs and playgrounds for learning Kubernetes, Cloud, DevOps and AI.
Select the tools you want to include in your docker-compose.yaml
DockerComposeMaker (DCM) is a self-hostable website to help you pick and create a docker-compose.yml file for your home server. Discover new containers, discover and share a config in a couple of clicks!
Related contents:
GitHub Actions Importer helps you plan and automate the migration of Azure DevOps, Bamboo, Bitbucket, CircleCI, GitLab, Jenkins, and Travis CI pipelines to GitHub Actions.
Automatically manage Cloudflare DNS from Docker container labels. Simplifies DNS for Docker/Compose. Inspired by External-DNS but built specifically for docker environments and homelabs.
Sherpa-DNS is a python application designed to create and manage DNS records for services defined in docker compose stacks or stand-alone docker containers via labels. It draws inspiration from the Kubernetes External-DNS project but is specifically tailored for docker environments.
Python app implementing a read-through cache for Bitwarden Secrets Manager (BWS) secrets.
When a secret is queried, not only is the secret cached in memory, but a mapping between ID and key is also cached. This allows lookup by either ID or key, as shown below.
Production-Grade Container Scheduling and Management.
Kubernetes, also known as K8s, is an open source system for automating deployment, scaling, and management of containerized applications.
Related contents:
- How Kubernetes Works Internally? @ System Design Codex.
- Minimum vital pour survivre sur un sujet Kubernetes @ Téotime Pacreau :fr:.
- Formation Kubernetes : Admin & Développeurs @ DevSecOps :fr:.
- How To Run Kubernetes Commands in Go: Steps and Best Practices @ The New Stack.
- Kubernetes Is Powerful, But Not Secure (at least not by default) @ Tigera.
- Docker to Kubernetes: The 30-Day Migration Path Every Developer Should Know @ Teamcamp's dev.to.
- Beyond the surface - Exploring attacker persistence strategies in Kubernetes @ Raesene's Ramblings.
- The Myths (and Costs) of Running Node.js on Kubernetes @ Platformatic.
- k8s-1m: fully functional Kubernetes cluster with 1 million active nodes.
- Investigating and fixing "StopPodSandbox from runtime service failed" Kubelet errors @ Marcus Noble.
- Managing Kubernetes Workloads Using the App of Apps Pattern in ArgoCD-2 @ CNCF.
- How to use AI to make Kubernetes monitoring smarter @ Danlio's Medium.
- Why Kube-State-Metrics Matters for Kubernetes Observability @ weeklycloud's Medium.
- 64GB RAM Kubernetes Cluster for €39/month — Part 1: Proxmox & LVM & NAT @ TrackIT Blog.
- A Practical Guide to Running NVIDIA GPUs on Kubernetes @ jimangel.io.
- Preventing Kubernetes from Pulling the Pause Image from the Internet @ Kyle Cascade.
- Ten Common Kubernetes Misconfigurations That Cause Outages (And What You Can Do About It) @ Cloud Native Now.
- Wrangling Kubernetes contexts @ natkr's ramblings.
- In-place Pod resizing in Kubernetes: How it works and how to use it @ Palark's Blog.
- Kubernetes Metrics: Types, Tools, & Monitoring Guide @ spacelift.
- How to Troubleshoot Common Kubernetes Errors (2025 Guide) @ Spacelift.
- Kubernetes Optimization using In-Place Pod Resizing and Zone-Aware Routing @ halodoc.
- What's Wrong with Kubernetes Today @ DevZero.
- How I think about Kubernetes @ Georgi Arnaudov.
- A Brief Deep-Dive into Attacking and Defending Kubernetes @ Heilan Cyber.
- Le premier intérêt de Kubernetes n'est pas le scaling @ mcorbien.fr :fr:.
- Kubernetes Rolling Updates for Reliable Deployments @ spacelift.
- Kubernetes 1.35 features that change Day 2 operations @ The New Stack.
- How to Setup Kubectl Aliases with Kuberc (Native Method) @ Devopscube.
- Scaling Nodes From Zero - The Bottleneck @ Labyrinth Labs.
- Learn Kubernetes – Full Handbook for Developers, Startups, and Businesses @ freeCodeCamp.
- Managing Kubernetes Secrets with Mozilla SOPS and AGE @ Cyril Baah's Medium.
- Registry mirror authentication with Kubernetes secrets @ CNCF.
- When Kubernetes Is the Wrong Default @ DevOps Daily.
A modern web application for viewing and interacting with Docker container ports. Built with TypeScript, React, and Material-UI, it provides a user-friendly interface to manage and access your Docker containers.
Build better APIs faster. Open source API management platform.
Redefined API management for developers. Quickly add API keys, rate limiting, and usage analytics to your API at any scale.
Free and open source PaaS framework for building clouds.
Transform a set of bare metal servers into an intelligent system with a simple REST API for spawning Kubernetes clusters, Databases-as-a-Service, virtual machines, load balancers, HTTP caching services, and other services with ease.
Stateless cluster local OCI registry mirror.
Speed up container pulls and minimize downtime with a stateless peer-to-peer OCI registry mirror for efficient image distribution.
Related contents:
CLI tool to easily migrate Kubernetes persistent volumes.
pv-migrate is a CLI tool/kubectl plugin to easily migrate the contents of one Kubernetes PersistentVolumeClaim to another.
Extensible platform for infrastructure management.
Shifting infrastructure management to a friendlier place. Clutch provides everything you need to improve your developers' experience and operational capabilities. It comes with several out-of-the-box features for managing cloud-native infrastructure, but is easily configured or extended to interact with whatever you run, wherever you run it.
Local CI. Sign off on your own work.
A GitHub CLI extension for local CI. Run your tests on your own machine and sign off when they pass.
Remote CI runners are fantastic for repeatable builds, comprehensive test suites, and parallelized execution. But many apps don't need all that. Maybe yours doesn't either.
The platform engineering toolkit for Kubernetes.
Koreo is a Platform Engineering toolkit focused on making the Platform Engineer's life easier so that they can focus on making product developers lives' easier.
Koreo is a new approach to Kubernetes configuration management and resource orchestration empowering developers through programmable workflows and structured data