go-containerregistry by google

Go library and CLIs for working with container registries

updated at May 25, 2024, 6:52 a.m.

36 +0

2,989 +8

505 +1

goss by goss-org

Quick and Easy server testing/validation

updated at May 25, 2024, 1:39 a.m.

81 -1

5,452 +1

471 +0

singularity by apptainer

Singularity has been renamed to Apptainer as part of us moving the project to the Linux Foundation. This repo has been persisted as a snapshot right before the changes.

updated at May 25, 2024, 12:58 a.m.

89 +0

2,506 +2

424 +0

img by genuinetools

Standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder.

updated at May 24, 2024, 10:36 p.m.

52 +0

3,865 +1

229 +0

container-diff by GoogleContainerTools

container-diff: Diff your Docker containers

updated at May 24, 2024, 7:22 p.m.

64 +0

3,745 +4

233 +2

Whaler by P3GLEG

Program to reverse Docker images into Dockerfiles

updated at May 24, 2024, 3:08 p.m.

24 +0

1,032 +4

92 +0

subuser by subuser-security

Run programs on linux with selectively restricted permissions.

updated at May 24, 2024, 3:05 p.m.

26 +0

887 +2

65 +0

udocker by indigo-dc

A basic user tool to execute simple docker containers in batch or interactive systems without root privileges.

updated at May 24, 2024, 1 p.m.

34 +0

1,242 +7

130 +1

railcar by oracle

RailCar: Rust implementation of the Open Containers Initiative oci-runtime

updated at May 24, 2024, 11:30 a.m.

52 +0

1,114 +1

102 +0

nsjail by google

A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.

updated at May 24, 2024, 10:55 a.m.

90 +0

2,812 +3

265 +1

runv by hyperhq

Hypervisor-based Runtime for OCI

updated at May 24, 2024, 8:20 a.m.

43 +0

826 +1

129 +0

photon by vmware

Minimal Linux container host

updated at May 24, 2024, 3:03 a.m.

188 +0

2,986 +2

705 +1

oci-seccomp-bpf-hook by containers

OCI hook to trace syscalls and generate a seccomp profile

updated at May 23, 2024, 1:23 p.m.

14 +0

288 +1

34 +0

rkt by rkt

[Project ended] rkt is a pod-native container engine for Linux. It is composable, secure, and built on standards.

updated at May 23, 2024, 12:58 p.m.

422 +0

8,823 -2

887 +0

cnab-spec by cnabio

Cloud Native Application Bundle Specification

updated at May 22, 2024, 2:42 a.m.

51 +0

946 +1

99 -22

bane by genuinetools

Custom & better AppArmor profile generator for Docker containers.

updated at May 20, 2024, 9:25 p.m.

34 +0

1,148 -1

85 +0

sockguard by buildkite

A proxy for docker.sock that enforces access control and isolated privileges

updated at May 16, 2024, 9:21 p.m.

23 +1

143 +0

22 +0

porto by yandex

Yet another Linux container management system

updated at May 15, 2024, 7:23 p.m.

43 +0

394 +0

53 +0

docker-pushrm by christian-korneck

"Docker Push Readme" - a Docker CLI plugin to update container repo docs

updated at May 15, 2024, 1:57 p.m.

5 +0

132 +0

4 +0

vagga by tailhook

Vagga is a containerization tool without daemons

updated at May 15, 2024, 5:24 a.m.

49 +0

1,854 +0

96 +0