regula
gitlab
Our great sponsors
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
regula
-
Top 10 terraform tools you should know about.
Regula is a dynamic tool designed for pre-deployment security and compliance checks of infrastructure as code (IaC) for multiple cloud providers and Kubernetes. It supports an array of file types, including CloudFormation JSON/YAML templates, Terraform source code and JSON plans, Kubernetes YAML manifests, and Azure Resource Manager (ARM) JSON templates (currently in preview). Regula leverages a rule library written in Rego, the language used by the Open Policy Agent (OPA) project, offering robust policy evaluation. It integrates seamlessly with popular CI/CD tools like Jenkins, Circle CI, and AWS CodePipeline, and even includes a GitHub Actions example for easy setup. Regula’s policies are aligned with CIS Benchmarks for AWS, Azure, Google Cloud, and Kubernetes, aiding in comprehensive compliance assessments. This tool is actively developed and maintained by the team at Fugue.
-
Regula v1.0 is Now Available — Open Source Infrastructure as Code Security
Regula on Github: https://github.com/fugue/regula
-
Best static code analysis tool for Terraform?
Fugues Regula is built on OPA. It’s worth a look. https://github.com/fugue/regula
gitlab
- Code Search Is Hard
- XZ Backdoor Investigation Request to Gitlab Team
-
Client side Git hooks 101
(Side note: Issues are usually hash-prefixed like #1234 both on GitLab and GitHub. However, commit messages must not begin with a hash, they would be considered a comment and ignored. Therefore, GitHub has introduced the alternative prefix GH- and I've contributed a similar prefix GL- to GitLab a while ago.)
- Assign Issue to an AI Developer
-
BuildKit in depth: Docker's build engine explained
and its "oh, you want multi-arch, do you?" friend. While prosecuting this <https://gitlab.com/gitlab-org/gitlab/-/issues/339567> I learned that https://hub.docker.com/layers/multiarch/qemu-user-static/7.2... actually mutates the binfmt_misc in buildx's context in order to exec the static copy of qemu in it https://github.com/multiarch/qemu-user-static/blob/v7.2.0-1/...
and, that the buildx plugin itself has some qemu magick in it, which got addressed in a minor version bump but I couldn't track down the relevant GitHub issue this second (I've flushed it from my mind, only recalling that there were a lot of actors in that tire fire)
-
Gitlab password reset bug leaves more than 5.3K servers up for grabs
This is actually a follow-up refactor, the fix is here: https://gitlab.com/gitlab-org/gitlab/-/commit/abe79e4ec43798...
- ExifTool CVE-2021-22204 – Arbitrary Code Execution
- Critical Gitlab vulnerability exposes 2FA-less users to account takeovers
- Upcoming critical Gitlab security issue
-
I Love Ruby
This made me curious. Having never read the gitlab code before, and on mobile, took all of about 30 seconds to find https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/ro...
Those are some pretty clean routes!
What are some alternatives?
terratest - Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.
Gitea - Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
Harbor - An open source trusted cloud native registry project that stores, signs, and scans content.
onedev - Git Server with CI/CD, Kanban, and Packages. Seamless integration. Unparalleled experience.
rich-markdown-editor - The open source React and Prosemirror based markdown editor that powers Outline. Want to try it out? Create an account:
gitlab-foss
chatwoot - Open-source live-chat, email support, omni-channel desk. An alternative to Intercom, Zendesk, Salesforce Service Cloud etc. 🔥💬
Gitbucket - A Git platform powered by Scala with easy installation, high extensibility & GitHub API compatibility
dependency-track - Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
semantic-release - :package::rocket: Fully automated version management and package publishing
Redmine - Mirror of redmine code source - Official Subversion repository is at https://svn.redmine.org/redmine - contact: @vividtone or maeda (at) farend (dot) jp