SaaSHub helps you find the best software and product alternatives Learn more →
Datree Alternatives
Similar projects and alternatives to datree
-
polaris
Validation of best practices in your Kubernetes clusters (by FairwindsOps)
-
KubeArmor
Cloud-native Runtime Security Enforcement System. [CNCF Sandbox Project]
-
InfluxDB
Build time-series-based applications quickly and at scale.. InfluxDB is the Time Series Platform where developers build real-time applications for analytics, IoT and cloud-native services. Easy to start, it is available in the cloud or on-premises.
-
kube-score
Kubernetes object analysis with recommendations for improved reliability and security
-
reviewdog
🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
-
-
Golang API Starter Kit
Go Server/API boilerplate using best practices DDD CQRS ES gRPC
-
-
SonarQube
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
-
polaris
Shopify’s design system to help us work together to build a great experience for all of our merchants.
-
-
checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
-
-
awesome-jsonschema
A curated list of awesome JSON Schema resources, tutorials, tools, and more.
-
-
-
-
Grafana
The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
-
-
-
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
datree reviews and mentions
- Is OPA Gatekeeper the best solution for writing policies for k8s clusters?
- Question for the Argo-Verse
-
How to create a react app with Go support using WebAssembly in under 60 seconds
Go is a statically typed, compiled programming language designed at Google, it is syntactically similar to C, but with memory safety, garbage collection, structural typing, and CSP-style concurrency. In my case, I needed to run Go for JSON schema validations, in other cases, you might want to perform a CPU-intensive task or use a CLI tool written in Go.
-
Gatekeeper vs Kyverno
I worked with both of them and from my experience Gatekeeper is more solid and accountable, I even wrote an article about Gatekeeper. Both Gatekeeper and Kyverno require a lot of heavy lifting work. On the one hand, Gatekeeper will probably require more configuration work however the community and the tool itself are more stable than Kyverno. On the other hand, Kyverno policy-as-code capabilities are much easier to use/understand. This way or another, for me using Kyverno’s policy language or Rego for my policies, wasn’t such a pleasant experience. I personally believe in GitOps and shifting left so if you’re looking for tools I would highly recommend you to review Datree, which is an open-source CLI (Disclaimer: I’m one of the developers at Datree). Datree is a more centralized policy management solution rather than a policy engine. Unlike Kyverno/Gatekeeper Datree was built to help DevOps teams to shift left and practice GitOps by delegating more responsibilities to the developers more efficiently. In practice, Datree already comes with built-in rules and policies along with YAML and schema validation for K8s resources and CRDs such as Argo CRDs. Datree’s policies are written in JSONScheme which is a common solid policy language supported by the community for many years. Additionally, Datree’s CLI also comes with a dashboard app where you can monitor the policies in your organization. You can modify and update your policies, review which policies are being used in practice, and control who can create/delete/update your policies. The major difference is that at the moment, unlike Kyverno/Gatekeeper Datree doesn’t provide native policy enforcement in the Kubernetes cluster at the moment but we expect to release this support very soon. At the moment, we provide a way to scan the cluster using a kubectl plugin. Feel free to check it out :)
-
Working with Datree’s Helm Plugin
$ helm plugin install https://github.com/datreeio/helm-datree Installing helm-datree... https://github.com/datreeio/datree/releases/download/1.0.6/datree-cli_1.0.6_Darwin_x86_64.zip % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 673 100 673 0 0 1439 0 --:--:-- --:--:-- --:--:-- 1469 100 6901k 100 6901k 0 0 1852k 0 0:00:03 0:00:03 --:--:-- 2865k helm-datree is installed. See https://hub.datree.io for help getting started. Installed plugin: datree
-
Top 200 Kubernetes Tools for DevOps Engineer Like You
TerraScan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. klum - Kubernetes Lazy User Manager Kyverno - Kubernetes Native Policy Management https://kyverno.io kiosk - kiosk office Multi-Tenancy Extension For Kubernetes - Secure Cluster Sharing & Self-Service Namespace Provisioning kube-bench - CIS Kubernetes Benchmark tool kube-hunter - Pentesting tool - Hunts for security weaknesses in Kubernetes clusters kube-who-can - Show who has RBAC permissions to perform actions on different resources in Kubernetes starboard - Kubernetes-native security toolkit Simulator - Kubernetes Security Training Platform - Focussing on security mitigation RBAC Lookup - Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster https://fairwinds.com Kubeaudit - kubeaudit helps you audit your Kubernetes clusters against common security controls Gangway - An application that can be used to easily enable authentication flows via OIDC for a kubernetes cluster Audit2rbac - Autogenerate RBAC policies based on Kubernetes audit logs Chartsec - Helm Chart security scanner kubestriker - Security Auditing tool Datree - CLI tool to prevent K8s misconfigurations by ensuring that manifests and Helm charts follow best practices as well as your organization’s policies Krane - Kubernetes RBAC static Analysis & visualisation tool Flaco - The Falco Project - Cloud-Native runtime security Clair - Vulnerability Static Analysis for Containers Anchore Cli - Coomand Line Interface built on top of anchore engine to manage and inspect images, policies, subscriptions and registries Project Quay - Container image registry designed to boost the security of your repositories via vulnerability scanning and tight access control Kubescape - Tool to test if Kubernetes is deployed securely according to multiple frameworks: regulatory, customized company policies and DevSecOps best practices, such as the NSA-CISA and the MITRE ATT&CK®
-
Validating Kubernetes Configurations with Datree
Datree is a really good framework for a DevOps person who wants to build a stable Kubernetes manifest (YAML) which is very well tested and secured with custom policies.
-
Show HN: Datree (YC W20): Prevent K8s misconfigurations from reaching production
Developers want to ship features without waiting for infra. And infra teams don't want to “babysit” developers by reviewing config files all day long, essentially acting as human debuggers for misconfigurations.
That’s why I teamed up with Eyar Zilberman to found Datree. Our mission is to help engineering teams prevent Kubernetes misconfigurations from reaching production. We believe that providing guardrails to developers protects their infra changes and frees up DevOps teams to focus on what matters most.
Datree provides a CLI tool (https://github.com/datreeio/datree) that runs automated policy checks against your Kubernetes manifests and Helm charts, identifies any misconfigurations within, and suggests how to fix them. The tool comes with dozens of preset, best-practice rules covering the most common mistakes that could affect your production. In addition, you can write custom rules for your policy.
Our built-in rules are based on hundreds of Kubernetes post-mortems to ensure the prevention of issues such as resource limits/requests (MEM/CPU), liveness and readiness probes, labels on resources, Kubernetes schema validation, API version deprecation, and more.
Datree comes with a centralized policy dashboard enabling the infra team to dynamically configure rules that run on dev computers during the development phase, as well as within the CI/CD process. This central control point propagates policy checks automatically to all developers/machines in your company.
We initially launched Datree as a general purpose policy engine (see our YC Launch https://news.ycombinator.com/item?id=22536228) in which you could configure all sorts of rules, but the market drove our focus toward infrastructure-as-code and, more specifically, Kubernetes, one of the most painful points of friction between developers and infrastructure teams.
When we adjusted to a Kubernetes-focused product, we pivoted our top-down sales-driven model to a wholly new bottom-up adoption-driven model focused on the user.
Our new dev tool is self-served and open-source. Hundreds of companies are using it to prevent Kubernetes misconfigurations and, in turn, are helping the tool improve by opening issues and submitting pull requests on GitHub.
Today we are a “product-led growth” company, which is a relatively new business methodology centered on user adoption driving product demand toward monetization. Our product is well suited for self-evaluation and immediate value delivery. No more demo calls — just 2 quick steps to try the product yourself!
TechWorld with Nana did a deep technical review of our product, which can be viewed at https://www.youtube.com/watch?v=hgUfH9Ab258.
We look forward to hearing your feedback and answering any questions you may have.
Thank you :)
-
A note from our sponsor - #<SponsorshipServiceOld:0x00007fea593fd2c0>
www.saashub.com | 1 Feb 2023
Stats
datreeio/datree is an open source project licensed under Apache License 2.0 which is an OSI approved license.