Infra Roast
CLI tool that detects risky infrastructure configurations.
Screenshots
The Problem
Infrastructure configurations often contain dangerous defaults like running containers as root or missing resource limits.
The Solution
Infra Roast analyzes Kubernetes YAML, Dockerfiles, and CI pipelines for risky patterns.
Implementation Details
A simple misconfiguration in a YAML file can lead to a major security breach or an unmanaged cost spike. Infra Roast is a CLI tool designed to find these "roastable" moments before they hit production.
Policy as Code
We used Open Policy Agent (OPA) to define the security and cost rules. This allows teams to add their own custom policies without re-compiling the tool.
CLI Excellence
Built with Go and Cobra, the CLI is fast and provides actionable feedback with direct links to documentation for every violation found. It's designed to be used both by individual developers and within CI pipelines.