{"id":51173229,"url":"https://github.com/gobifrost/bifrost","last_synced_at":"2026-06-27T02:01:46.844Z","repository":{"id":320972320,"uuid":"1074603568","full_name":"gobifrost/bifrost","owner":"gobifrost","description":"Bifrost Integrations is an open-source automation platform designed to democratize best-in-class tooling for the emerging Integration Services industry - before venture capital gets the chance to own something we’re all incredibly passionate about: solving problems with automation.","archived":false,"fork":false,"pushed_at":"2026-06-26T05:16:48.000Z","size":39900,"stargazers_count":46,"open_issues_count":15,"forks_count":11,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-06-26T05:22:01.154Z","etag":null,"topics":["ai","automation","msp"],"latest_commit_sha":null,"homepage":"https://gobifrost.com","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gobifrost.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2025-10-12T05:37:54.000Z","updated_at":"2026-06-26T04:55:24.000Z","dependencies_parsed_at":"2025-12-29T04:01:55.514Z","dependency_job_id":null,"html_url":"https://github.com/gobifrost/bifrost","commit_stats":null,"previous_names":["jackmusick/bifrost-api","gobifrost/bifrost"],"tags_count":16,"template":false,"template_full_name":null,"purl":"pkg:github/gobifrost/bifrost","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gobifrost%2Fbifrost","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gobifrost%2Fbifrost/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gobifrost%2Fbifrost/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gobifrost%2Fbifrost/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gobifrost","download_url":"https://codeload.github.com/gobifrost/bifrost/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gobifrost%2Fbifrost/sbom","scorecard":{"id":1246674,"data":{"date":"2026-04-28T12:39:42Z","repo":{"name":"github.com/jackmusick/bifrost","commit":"8d1111ef2674ca10eafa0ed0e2cfbb33d1b002e9"},"scorecard":{"version":"v5.3.0","commit":"c22063e786c11f9dd714d777a687ff7c4599b600"},"score":8,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#maintained"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#dependency-update-tool"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#security-policy"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/24 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:474","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:171","Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:392","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/ci.yml:560","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:27","Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:29","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/dependabot-auto-merge.yml:25","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/dependabot-lockfile-regen.yml:36","Info: jobLevel 'contents' permission set to 'read': .github/workflows/scorecard.yml:30","Info: jobLevel 'actions' permission set to 'read': .github/workflows/scorecard.yml:31","Info: topLevel 'contents' permission set to 'read': .github/workflows/ci-noop.yml:51","Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:54","Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:19","Info: topLevel 'contents' permission set to 'read': .github/workflows/dependabot-auto-merge.yml:18","Info: topLevel 'contents' permission set to 'read': .github/workflows/dependabot-lockfile-regen.yml:27","Info: topLevel 'contents' permission set to 'read': .github/workflows/scorecard.yml:21"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":9,"reason":"dependency not pinned by hash detected -- score normalized to 9","details":["Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: test.sh:86","Warn: npmCommand not pinned by hash: api/Dockerfile:66","Warn: npmCommand not pinned by hash: api/Dockerfile:70","Warn: npmCommand not pinned by hash: api/Dockerfile.dev:65","Warn: npmCommand not pinned by hash: api/Dockerfile.dev:69","Info:  21 out of  21 GitHub-owned GitHubAction dependencies pinned","Info:  24 out of  24 third-party GitHubAction dependencies pinned","Info:   9 out of   9 containerImage dependencies pinned","Info:   5 out of   5 pipCommand dependencies pinned","Info:   4 out of   8 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#pinned-dependencies"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: GNU Affero General Public License v3.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#license"}},{"name":"CII-Best-Practices","score":5,"reason":"badge detected: Passing","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":9,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 29 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#sast"}},{"name":"Signed-Releases","score":8,"reason":"1 out of the last 1 releases have a total of 1 signed artifacts.","details":["Info: signed release artifact: bifrost-v0.8.0-source.tar.gz.sigstore: https://github.com/jackmusick/bifrost/releases/tag/v0.8.0","Warn: release artifact v0.8.0 does not have provenance: https://api.github.com/repos/jackmusick/bifrost/releases/313863872"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":4,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Info: 'branch protection settings apply to administrators' is required to merge on branch 'main'","Info: 'stale review dismissal' is required to merge on branch 'main'","Warn: branch 'main' does not require approvers","Warn: codeowners review is not required on branch 'main'","Warn: 'last push approval' is disabled on branch 'main'","Info: 'up-to-date branches' is required to merge on branch 'main'","Info: status check found to merge onto on branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#branch-protection"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#fuzzing"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/ci.yml:468"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#packaging"}},{"name":"Contributors","score":10,"reason":"project has 4 contributing companies or organizations","details":["Info: found contributions from: Midtown-Technology-Group, anthropics, covi, midtown-technology-group"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#contributors"}},{"name":"CI-Tests","score":10,"reason":"30 out of 30 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/c22063e786c11f9dd714d777a687ff7c4599b600/docs/checks.md#ci-tests"}}]},"last_synced_at":"2026-04-28T14:23:58.340Z","repository_id":320972320,"created_at":"2026-04-28T14:23:58.340Z","updated_at":"2026-04-28T14:23:58.340Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34839005,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-27T02:00:06.362Z","response_time":126,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","automation","msp"],"created_at":"2026-06-27T02:01:43.883Z","updated_at":"2026-06-27T02:01:46.832Z","avatar_url":"https://github.com/gobifrost.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Bifrost Integrations\n\n**Open-source automation platform for Integration Services** - Built to democratize best-in-class tooling before venture capital gets the chance to own something we're all incredibly passionate about.\n\n[![License: AGPL-3.0](https://img.shields.io/badge/License-AGPL--3.0-blue.svg)](LICENSE)\n[![CodeQL](https://github.com/gobifrost/bifrost/actions/workflows/codeql.yml/badge.svg)](https://github.com/gobifrost/bifrost/actions/workflows/codeql.yml)\n[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/gobifrost/bifrost/badge)](https://securityscorecards.dev/viewer/?uri=github.com/gobifrost/bifrost)\n[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/12665/badge)](https://www.bestpractices.dev/projects/12665)\n[![FastAPI](https://img.shields.io/badge/FastAPI-0.100+-green.svg)](https://fastapi.tiangolo.com/)\n[![Python](https://img.shields.io/badge/Python-3.11-blue.svg)](https://www.python.org/)\n[![Docker](https://img.shields.io/badge/Docker-Compose-blue.svg)](https://www.docker.com/)\n[![PostgreSQL](https://img.shields.io/badge/PostgreSQL-15+-blue.svg)](https://www.postgresql.org/)\n\n---\n\n## Table of Contents\n\n-   [What is Bifrost Integrations?](#what-is-bifrost-integrations)\n-   [Key Features](#key-features)\n-   [Quick Start](#quick-start)\n-   [Documentation](#documentation)\n-   [Security \u0026 Verification](#security--verification)\n-   [Contributing](#contributing)\n-   [License](#license)\n\n---\n\n## What is Bifrost Integrations?\n\nBifrost Integrations is an open-source automation platform designed to democratize best-in-class tooling for the emerging Integration Services industry - **before venture capital gets the chance to own something we're all incredibly passionate about: solving problems with automation**.\n\nBuilt by someone with nearly 20 years of MSP experience and a deep passion for scaling solutions for the industry and its customers, this platform addresses a fundamental gap in the market. Just as early PSA and RMM tools transformed Managed Services, the Integration Services industry needs purpose-built tooling that truly scales automation. Existing RPA platforms are great for rapid development and provide helpful abstractions like OAuth, storage, and monitoring, but **they cannot and will not keep pace with AI-powered development** and have always been constrained by limitations that traditional programming languages do not have.\n\nBifrost Integrations removes those limitations while preserving the light management layer that makes RPA tools valuable - abstracting OAuth workflows, monitoring, configuration, and secret management. It's architected with multi-tenancy at its core, enabling you to scale your Integration Services business without duplicating work across customers. **This is not another RPA tool trying to be everything to everyone**; it's a platform designed specifically to help you build scalable automation businesses without the vendor lock-in.\n\n### What You Can Do with Bifrost Integrations\n\n**Develop with Your Favorite Tools**\n\n-   Use VS Code, Claude Code, and Git for version control\n-   Build with Python and modern development workflows\n-   Test locally before deploying to production\n\n**Build Reusable Integrations**\n\n-   Create integration modules for common platforms (NinjaOne, HaloPSA, Pax8, Microsoft CSP)\n-   Abstract authentication, pagination, and API complexity\n-   Share functionality across all your workflows\n\n**Centralized Connection Management**\n\n-   Automated OAuth refresh flows\n-   Key/value configuration storage per organization\n-   Secure secrets management\n\n**Dynamic Forms and Workflows**\n\n-   Create flexible forms for you and your customers\n-   Build context-aware workflows that adapt based on organization and user\n-   Generate form inputs programmatically from data providers\n\n**Multi-Tenant Architecture**\n\n-   Scope functionality globally or to specific organizations\n-   Deliver value to customers without code duplication or redeployment\n-   Complete data isolation between tenants\n\n### Why Bifrost Integrations Exists\n\nTraditional RPA tools lower the barrier to entry but fall short when you need the full power of a programming language, version control, modern development practices, and AI-assisted workflows. Meanwhile, no one is building a platform truly designed to scale automation in the way early PSA and RMM tools scaled Managed Services. In my opinion, these tools are all good at different things, but they lack the flexibility to deliver solutions for both you and your customers.\n\nBifrost Integrations bridges this gap by giving you the power and flexibility of code with the convenience of RPA-style abstractions - all in an open-source package that you control. **It's built to ensure the next chapter of Integration Services doesn't get ravaged by venture capitalists who prioritize extraction over value creation**.\n\n### For the Non-Developer\n\nWith AI coding tools, proper instructions, a thriving community, and training, it's never been easier to build powerful automations. Traditional RPA tools still require you to understand programming primitives like loops, variables, and conditional logic - they had their own syntax you needed to learn. While Bifrost Integrations may require a slightly higher initial investment to get started, the combination of AI-assisted development and a platform that abstracts the dangerous complexities (authentication, secrets management, API security) means **the ceiling is dramatically higher**.\n\nAI tools like Claude Code, GitHub Copilot, and GPT Codex can help you:\n\n-   Write workflows from natural language descriptions\n-   Debug errors and explain what code is doing\n-   Suggest improvements and optimizations\n-   Generate boilerplate code for common patterns\n\nThe platform handles the hard parts - OAuth flows, credential encryption, multi-tenant isolation, and API authentication - so you can focus on solving business problems. With the right guidance and AI assistance, you can build automations that would have required a full development team just a few years ago, **enabling limitless possibilities for your Integration Services business**.\n\n---\n\n## Key Features\n\n-   **Multi-Tenant Architecture** - Complete data isolation per organization\n-   **OAuth Management** - Automated token refresh and credential storage\n-   **Secrets Management** - Encrypted secrets with Fernet encryption\n-   **Dynamic Workflows** - Python-based with full language capabilities\n-   **Reusable Integrations** - Build once, use across all customers\n-   **AI-Assisted Development** - Built for modern AI coding workflows\n-   **Version Control** - Git-based workflow management\n-   **Hot Reload** - Workflows and forms reload automatically on file changes\n-   **Self-Hostable** - Run anywhere with Docker Compose\n\n---\n\n## Quick Start\n\n### Prerequisites\n\n-   Docker and Docker Compose\n-   Git\n\n### Running with Docker Compose (Recommended)\n\n```bash\n# Clone the repository\ngit clone https://github.com/gobifrost/bifrost.git\ncd bifrost\n\n# Run setup (creates .env with secure random secrets)\n./setup.sh\n\n# Start all services\ndocker compose up\n```\n\nThis starts:\n-   **Client** (React) - http://localhost:3000\n-   **API** (FastAPI) - proxied through client\n-   **PostgreSQL** - Database\n-   **Redis** - Caching and sessions\n-   **RabbitMQ** - Message queue for async workflows\n\n**Access the Platform:**\n\n-   **Client UI**: http://localhost:3000\n-   **API Docs (Swagger)**: http://localhost:3000/api/docs\n-   **API Docs (ReDoc)**: http://localhost:3000/api/redoc\n\n---\n\n## Local Development\n\n### Starting the dev stack\n\nThe full stack runs in Docker with hot reload enabled for both API and client:\n\n```bash\n./debug.sh              # Start all services with hot reload\n```\n\nThis launches PostgreSQL, Redis, RabbitMQ, SeaweedFS for S3-compatible object storage, the API, the client, the scheduler, and workers. Access the app at **http://localhost:3000** — Vite proxies `/api/*` to the API container, so you don't hit the API on a separate port.\n\nChanges to files in `api/src/`, `api/shared/`, and `client/src/` automatically reload — **do not restart containers for code changes.**\n\n```bash\n# View logs\ndocker compose logs -f api\ndocker compose logs -f client\n```\n\n**VS Code debugging:**\n\n```bash\nENABLE_DEBUG=true ./debug.sh\n```\n\nAttach VS Code to port 5678. The API waits for the debugger before starting.\n\nFor the full container-management contract (when to restart what, hot-reload rules, type-generation workflow), see [`CLAUDE.md` → Development Environment](./CLAUDE.md#development-environment-critical---read-first).\n\n### Running Tests\n\nThe test stack runs in Docker and is separate from your dev stack. Boot it once per worktree and run tests as many times as you like — state is reset between runs.\n\n```bash\n# Stack lifecycle (per worktree)\n./test.sh stack up                                 # Boot the test stack\n./test.sh stack reset                              # Fast state reset between runs\n./test.sh stack down                               # Tear down + remove volumes\n\n# Backend tests (stack must be up)\n./test.sh                                          # Unit tests (fast default)\n./test.sh e2e                                      # Backend e2e\n./test.sh all                                      # Unit + e2e (mirrors CI)\n./test.sh tests/unit/test_foo.py::test_bar -v      # Passthrough to pytest\n\n# Client tests\n./test.sh client unit                              # Vitest (no stack needed)\n./test.sh client e2e                               # Playwright in containers\n\n# CI-equivalent (one-shot: boot → run → tear down)\n./test.sh ci\n```\n\nParallel worktrees each get their own isolated stack, so you can run tests in several worktrees simultaneously without conflict.\n\nFor test authoring conventions, fixture layout, and debugging tips, see [`CLAUDE.md`](./CLAUDE.md#testing--quality).\n\n---\n\n## Architecture\n\n```\n┌─────────────┐     ┌─────────────┐     ┌─────────────┐\n│   Client    │────▶│   FastAPI   │────▶│ PostgreSQL  │\n│   (React)   │     │    (API)    │     │  (Database) │\n└─────────────┘     └──────┬──────┘     └─────────────┘\n                           │\n                    ┌──────┴──────┐\n                    ▼             ▼\n              ┌─────────┐   ┌──────────┐\n              │  Redis  │   │ RabbitMQ │\n              │ (Cache) │   │ (Queue)  │\n              └─────────┘   └──────────┘\n```\n\n-   **FastAPI** - Async Python API with automatic OpenAPI documentation\n-   **PostgreSQL** - Primary data store with SQLAlchemy ORM\n-   **Redis** - Session storage and caching\n-   **RabbitMQ** - Async workflow execution queue\n-   **React** - Modern frontend with TypeScript\n\n---\n\n## Documentation\n\nFor detailed documentation on architecture, development, deployment, and usage:\n\n-   **API Documentation**: http://localhost:8000/docs (when running)\n-   **Frontend Repository**: Included in `client/` directory\n\n---\n\n## Security \u0026 Verification\n\nBifrost release artifacts are signed with [Sigstore](https://www.sigstore.dev/) using GitHub's keyless OIDC signing. You can verify any image or release pulled from this repo:\n\n**Verify a Docker image:**\n\n```bash\ncosign verify ghcr.io/gobifrost/bifrost-api:TAG \\\n  --certificate-identity-regexp \"https://github.com/gobifrost/bifrost/.*\" \\\n  --certificate-oidc-issuer https://token.actions.githubusercontent.com\n```\n\n(Same form for `ghcr.io/gobifrost/bifrost-client`.)\n\n**Inspect SLSA build provenance:**\n\n```bash\ngh attestation verify ghcr.io/gobifrost/bifrost-api:TAG --owner gobifrost\n```\n\n**Verify a source tarball** (attached to GitHub Releases):\n\n```bash\ncosign verify-blob \\\n  --bundle bifrost-VERSION-source.tar.gz.sigstore \\\n  --certificate-identity-regexp \"https://github.com/gobifrost/bifrost/.*\" \\\n  --certificate-oidc-issuer https://token.actions.githubusercontent.com \\\n  bifrost-VERSION-source.tar.gz\n```\n\nInstall cosign: https://docs.sigstore.dev/cosign/system_config/installation/\n\n---\n\n## Contributing\n\nThis is intended to be a community-driven project built to ensure the Integration Services industry has the tools it needs without vendor lock-in or extractive pricing. However for the time being, while I work out the kinks, contributions and issues will be closed. Stay tuned!\n\n## License\n\nThis project is licensed under the AGPL License - see the [LICENSE](LICENSE) file for details.\n\n**Why AGPL?** To ensure this platform remains open and available to everyone. If you modify and deploy Bifrost, you must share those modifications with the community. This prevents proprietary forks and ensures improvements benefit everyone.\n\n---\n\n## Why This Matters\n\nIn my opinion, the MSP industry is at a critical juncture. We've all watched as venture capital transformed software markets and tools we use and love (loved?) - not always for the better. I believe the next frontier for MSP is in the Integration Services industry where we focus on using the automation skills we've developed over the last couple of decades and build value for new and existing customers.\n\n**This is our chance to own the tools we build our businesses on.**\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgobifrost%2Fbifrost","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgobifrost%2Fbifrost","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgobifrost%2Fbifrost/lists"}