OSS Projects
As part of my professional activity, I have worked on a number of open source projects, which are listed below (this is not necessarily an explicit list).
Cloud π Native
Product OwnerPlatform EngineerDevOps EngineerDeveloperIntroduction
Cloud π Native - CPiN - is a French government PaaS running on top of Kubernetes (Vanilla, Openshift or RKE), it provides a software factory and DevSecOps orchestrator to produce and operate high-quality digital services for users (primarily targeting those producing public digital content).
The platform exposes a console that provides a unified interface to a range of services, while guaranteeing overall system consistency with the automatic creation of a number of resources, such as access accounts, bots and Kubernetes resources. In addition to automatic provisioning, it also guarantees control within the project through the management of teams, permissions, quotas, etc...
The console is built around a core/plugin system that extends the platform's capabilities by connecting additional services to the hook system.
Technologies
Main technologies I worked with on the project :
- Ansible - automation engine that enables infra as code.
- Docker - container orchestrator system.
- GitHub Actions - continuous integration / continuous delivery platform.
- Helm - package manager for kubernetes.
- Kind - tool for running local kubernetes clusters using docker.
- Kubernetes - container orchestrator system.
- Nodejs - cross-platform javascript runtime environment.
- Vuejs - progressive javascript frontend framework.
Main Kubernetes services I worked with on the project :
| Service | Description |
|---|---|
| Argo-cd | Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. |
| Falco | Cloud-native security tool designed for Linux systems. It employs custom rules on kernel events, which are enriched with container and Kubernetes metadata, to provide real-time alerts. |
| Harbor | Open source registry that secures artifacts with policies and role-based access control, ensures images are scanned and free from vulnerabilities, and signs images as trusted. |
| Gitlab | DevOps software package that can develop, secure, and operate software. |
| Grafana | Query, visualize, alert on, and understand your data no matter where it’s stored. With Grafana you can create, explore, and share all of your data through beautiful, flexible dashboards. |
| Keycloak | Open Source Identity and Access Management. Add authentication to applications and secure services with minimum effort. Keycloak provides user federation, strong authentication, user management, fine-grained authorization, and more. |
| Kyvervo | Policy engine designed for Kubernetes. Kyverno policies can validate, mutate, generate, and cleanup Kubernetes resources, and verify image signatures and artifacts to help secure the software supply chain. |
| Loki | Easily collect, correlate, and visualize data with beautiful dashboards using Grafana — the open source data visualization and monitoring solution that drives informed decisions, enhances system performance, and streamlines troubleshooting. |
| Nexus | Centralized, scalable universal repository management. |
| Prometheus | Prometheus is a free software application used for event monitoring and alerting. It records metrics in a time series database (allowing for high dimensionality) built using an HTTP pull model, with flexible queries and real-time alerting. |
| Sonarqube | Self-managed, open source, automatic code review tool that systematically helps you deliver Clean Code. |
| Vault | Secure, store, and tightly control access to tokens, passwords, certificates, and encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API. |
| Velero | Velero is an open source tool to safely backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes. |
Sources
All public sources of the project are available here.