Top 7 Go Compliance Projects

OPA (Open Policy Agent)

26 5,868 9.7 Go

An open source, general-purpose policy engine.

Project mention: Policyer Action | dev.to | 2021-12-05

Policyer is an open source project (more like a vision) I created after inspired by policy engines that become very popular lately (OPA,Checkov) Policyer going to focus on providing platform to run and create meaningful reports, data engagement and plugin system to let you provide any data, some time it can be k8s yaml and in other it can be user data.
tfsec

6 3,560 9.6 Go

Security scanner for your Terraform code

Project mention: Container security best practices: Comprehensive guide | dev.to | 2021-11-16

If you are using infrastructure as code, incorporate IaC scanning tools like Apolicy, Checkov, tfsec, or cfn_nag to validate the configuration of your infrastructure before it is created or updated. Similar to other linting tools, apply IaC scanning tools locally and in your pipeline, and consider blocking changes that introduce security issues.
Nanos

github.com/nanovms
sponsored

Run Linux Software Faster and Safer than Linux with Unikernels.
immudb

13 3,337 9.9 Go

immudb - world’s fastest immutable database, built on a zero trust model

Project mention: Notes on Web3 | news.ycombinator.com | 2021-11-18

I thought I was the only one who thought this but thank god others think the same.
### Main uses ?
Most people talk about censorship and decentralization but what percentage of consumers care about it negligible.
If you want to fight against censorship then just create a website on dark web ( like NYT has ), you can also use tools like Onion Share ( I haven't tested it yet ) if you have no idea how to do complicated stetting up of a dark web site.
### Decentralization
WEB 3.0 people talk about decentralization and spread their word on Twitter and discord ( Centralized means of communication ) but will never host a node of mastodon or Matrix Chat, which is a real way forward if you want to fight these platforms but no as if they will do then people will know, Oh Shit Decentralized web already exists and this will drop the value of token will drop as people will know there it no future in wasting hardware capabilities for nothing. Even a silly dog shit coin ( DOGE ) can has so much value what the hell is going on, its not even limited.
When people talk about IPFS they can only say it is decentralized and stuff but can it ever compete with the speed and cost efficiency of AWS S3, GCP Storage or Azure's offering, or even a self hosted 3 replica set on MinIO, never. And we have go guarantee of availability on IPFS so that's a big no at least for me. Also it is so slow that Cloudflare is caching content on IPFS they told in their recent blog post, so where is the decentralized bit am I missing something.
Also some decentralized blockchains have invite only miners program, so where is decentralization, am I missing some thing ?
### Is it forever ?
NO. Believe Me.
Who the hell is going to use mining resources used now when all coins are mined out and sold. No one with a right mind, as there will be a very less incentive to do so. And who will stop the spread of misinformation without censorship, well we can't ( theoretically ).
### Environmental Impact
Now let's talk about environmental impact that no one is going to talk about, why "We don't do that here.". It is one of the worst in a news article I read recently it said that it takes energy that would be required by 2 households in a day to process one transaction on Bitcoin. Global Warming WTF is that ask crypto coins.
### How do coin and protocol developers make money ?
While doing research about WEB 3.0, I was wondering how the hell are companies developing products will make their money to remain in business and thus maintaining the projects and you how they will keep around about 15-20% or more of initial coins for them. Or if it is a company like Brave ( makers of brave browser who blocks others ads and show people their ads and makers of token BAT ) pre mint all the coins and wallah here comes the centralization in the coin.
Web 3.0 can never obtain or create new innovative technologies like FANG as they can hire best engineers who really enjoy their work and their salary do not depend on value a silly token so they try to promote it everywhere they go.
Now companies like twitter and discord and facing backlash as they unveil their plans to use tokens, so that's actually good I think.
### Any Solution:
Yes, if you are on the immutability train let me introduce you to ImmuDB https://github.com/codenotary/immudb it is a super fast, so fast that blockchains can never accomplish these speeds "SQL SQL SQL" database which is so much more feature rich then the dumb blockchain.
If you are on public ledger thing then just create a read-only node of database and let it open to public so everyone can use it, there are 1000s if not millions of people who know SQL that only few who the blockchain protocols.
### How can a blockchain be destroyed ?
Simple Method
cloudquery

39 2,005 8.7 Go

The open-source cloud asset inventory powered by SQL.

Project mention: What is your biggest pain when using the AWS Console? | reddit.com/r/aws | 2021-12-02

Search across accounts and regions. This is why we open-sourced https://github.com/cloudquery/cloudquery
Databunker

35 922 8.7 Go

Secure SDK/vault for personal records/PII built to comply with GDPR

Project mention: Practical GDPR Compliance Guide for Startup Founders | reddit.com/r/selfhosted | 2021-12-01
kubeconform

2 350 7.9 Go

A FAST Kubernetes manifests validator, with support for Custom Resources!

Project mention: Securing Kubernetes Deployments | dev.to | 2021-11-08

wget https://github.com/yannh/kubeconform/releases/download/v0.4.12/kubeconform-linux-amd64.tar.gz tar xf kubeconform-linux-amd64.tar.gz sudo cp kubeconform /usr/local/bin checkout kubeconform --summary deployment.yml
opa-envoy-plugin

1 221 7.6 Go

A plugin to enforce OPA policies with Envoy

Project mention: OPA + Istio/Envoy: ConfigMap | reddit.com/r/OpenPolicyAgent | 2021-02-23

I'm observing the quick_start.yaml provided by OPA and trying to comprehend what's happening in the inject.rego resource (proper name?) under the ConfigMap. Can anyone break it down for me a bit? I think I have an inkling of what's happening but not sure.
Scout APM

scoutapm.com
sponsored

Scout APM: A developer's best friend. Try free for 14-days. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2021-12-05.

Go Compliance related posts

How do businesses apply permissions to their data?
1 project | reddit.com/r/learnprogramming | 29 Nov 2021
Authentication between services with static token
1 project | reddit.com/r/golang | 3 Oct 2021
Expose and authenticate aggregated knative services in a nice way
1 project | reddit.com/r/kubernetes | 1 Sep 2021
How valuable is a simplified GUI to control, monitor, and alert on cloud infrastructure for your teams? Is it a problem that needs solving?
2 projects | reddit.com/r/bioinformatics | 29 Aug 2021
Open Policy Agent v0.29.1 released
1 project | news.ycombinator.com | 28 May 2021
Terraforming in 2021 – new features, testing and compliance
12 projects | dev.to | 2 May 2021
Open Policy Agent – Policy-based control for cloud native environments
1 project | news.ycombinator.com | 29 Apr 2021

Index

What are some of the best open-source Compliance projects in Go? This list will help you:

	Project	Stars
1	OPA (Open Policy Agent)	5,868
2	tfsec	3,560
3	immudb	3,337
4	cloudquery	2,005
5	Databunker	922
6	kubeconform	350
7	opa-envoy-plugin	221

Find remote jobs at our new job board 99remotejobs.com. There are 32 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.