DevOps Engineer passionate about Cloud Infrastructure, Kubernetes, and Automation. Building open-source tools for the DevOps community.
Follow for new Kubernetes operators, GitHub Actions, and OSS contribution updates.
| Project | Description | Stars |
|---|---|---|
| compress-decompress | GitHub Action for file compression/decompression |  |
| network-policy-generator | Kubernetes operator that generates NetworkPolicy from a CRD |  |
| cicd-monitoring | Production-ready CI/CD & monitoring stack for AWS/GCP/on-prem Kubernetes |  |
| helios-lb | Kubernetes controller providing bare-metal LoadBalancer IP allocation (MetalLB-style) |  |
| k8s-namespace-sync | Kubernetes controller that syncs Secrets/ConfigMaps across namespaces |  |
Contributions to external open-source projects.
| Project | PR | Contribution |
|---|---|---|
| apache/airflow | #67675 | Gateway API HTTPRoute support for the API server |
| argoproj/argo-helm | #3914 | argo-rollouts dashboard Gateway API HTTPRoute support |
| apache/amoro | #4243 | Gateway API HTTPRoute support for the Amoro chart |
| falcosecurity/charts | #1026 | falcosidekick Gateway API HTTPRoute support |
| prometheus-community/helm-charts | #6961 | blackbox-exporter Gateway API HTTPRoute support |
| jaegertracing/helm-charts | #761 | Restore extraVolumes/extraVolumeMounts on the all-in-one deployment |
| yannh/kubeconform | #356 | Avoid SIGSEGV panic on null-decoding schema |
| astral-sh/setup-uv | #918 | Read the pinned uv version from uv.lock for deterministic CI |
View all contributions (86)
| Project | PR | Contribution | Status |
|---|---|---|---|
| pgadmin-org/pgadmin4 | #10095 | Add opt-in Gateway API HTTPRoute template to the pgAdmin Helm chart | ✅ Merged |
| firefly-iii/kubernetes | #117 | firefly-iii chart Gateway API HTTPRoute support | ✅ Merged |
| pajikos/home-assistant-helm-chart | #178 | Add Gateway API HTTPRoute support to the home-assistant Helm chart | ✅ Merged |
| apache/amoro | #4243 | Add Gateway API HTTPRoute support to the Amoro Helm chart | ✅ Merged |
| argoproj/argo-helm | #3914 | argo-rollouts dashboard Gateway API HTTPRoute support | ✅ Merged |
| jaegertracing/helm-charts | #758 | Query UI HTTPRoute support | ✅ Merged |
| falcosecurity/charts | #1026 | falcosidekick HTTPRoute support | ✅ Merged |
| prometheus-community/helm-charts | #6961 | blackbox-exporter HTTPRoute support | ✅ Merged |
| prometheus-community/helm-charts | #6958 | alertmanager HTTPRoute support | ✅ Merged |
| apache/airflow | #67675 | Gateway API HTTPRoute for API server | ✅ Merged |
| padok-team/burrito | #927 | Add opt-in Gateway API HTTPRoute support to the Burrito Helm chart | 🔵 Review |
| apache/airflow | #68552 | Improve API server HTTPRoute config based on review feedback | 🔵 Review |
| mattermost/mattermost-helm | #522 | mattermost-team-edition chart Gateway API HTTPRoute support | 🔵 Review |
| RocketChat/helm-charts | #234 | rocketchat chart Gateway API HTTPRoute support | 🔵 Review |
| danny-avila/LibreChat | #13671 | LibreChat chart Gateway API HTTPRoute support | 🔵 Review |
| 1Password/op-scim-helm | #171 | Gateway API HTTPRoute support for the 1Password SCIM bridge chart | 🔵 Review |
| apache/superset | #40785 | Add Gateway API HTTPRoute support | 🔵 Review |
| twuni/docker-registry.helm | #199 | docker-registry chart Gateway API HTTPRoute support | 🔵 Review |
| open-telemetry/opentelemetry-helm-charts | #2246 | collector Gateway API HTTPRoute support | 🔵 Review |
| apache/gravitino | #11308 | Gateway API HTTPRoute in Helm charts | 🔵 Review |
| Project | PR | Contribution | Status |
|---|---|---|---|
| jaegertracing/helm-charts | #761 | Restore extraVolumes/extraVolumeMounts on the all-in-one deployment | ✅ Merged |
| yannh/kubeconform | #356 | Avoid SIGSEGV panic on null-decoding schema | ✅ Merged |
| meshery/meshery | #19835 | Fix typos, function names & license header | ✅ Merged |
| kudobuilder/kuttl | #694 | Fix flaky integration test by randomizing namespace (prevents -count collision) | 🔵 Review |
| kedacore/charts | #880 | Add an opt-in hostUsers field to the KEDA operator, metrics server and webhooks pods (user namespaces) | 🔵 Review |
| stern/stern | #373 | Support nested-field extraction via dot notation in extractJSONParts/tryExtractJSONParts template funcs (closes #343) | 🔵 Review |
| jenkins-infra/helm-charts | #1972 | Add an opt-in PodDisruptionBudget to the httpd Helm chart | 🔵 Review |
| vmware-tanzu/helm-charts | #740 | Add optional PodDisruptionBudget to the Velero Helm chart | 🔵 Review |
| pypa/pipx | #1842 | Add --dry-run flag to pipx ensurepath to preview PATH changes without modifying any shell config |
🔵 Review |
| open-telemetry/opentelemetry-collector-contrib | #49146 | Add opt-in TLS support to the memcached receiver | 🔵 Review |
| elastic/elasticsearch | #151614 | S3 snapshot repository: EKS Pod Identity credential support | 🔵 Review |
| mindersec/minder | #6520 | Resolve OCI artifact created time from the image config instead of the time.Now() fallback (closes #6490) | 🔵 Review |
| ClementTsang/bottom | #2086 | Add an opt-in natural sort config option for string table columns (closes #1147) | 🔵 Review |
| open-policy-agent/conftest | #1355 | Add --github-hide-passed flag to skip passing files in the GitHub outputter (closes #1315) |
🔵 Review |
| open-policy-agent/conftest | #1354 | Add per-test names to successful test cases in conftest verify --output junit output |
🔵 Review |
| openobserve/openobserve-helm-chart | #222 | Add opt-in Prometheus Operator ServiceMonitor to the OpenObserve standalone Helm chart | 🔵 Review |
| dragonflydb/dragonfly-operator | #550 | Add optional PodDisruptionBudget to the operator Helm chart | 🔵 Review |
| tj-actions/changed-files | #2884 | Hardened README to recommend injection-safe consumption of the changed-files list (JSON + bash array + -- separator). |
🔵 Review |
| external-secrets/external-secrets | #6481 | Scoped External Secrets Operator cert-controller ClusterRole to least-privilege (resourceNames-pinned write access) in the Helm chart | 🔵 Review |
| grafana/cloudcost-exporter | #1051 | Opt-in leader election so multi-replica deployments make a single set of cloud provider API calls | 🔵 Review |
| dexidp/dex | #4831 | Add EdDSA (Ed25519) signing algorithm support to the local token signer | 🔵 Review |
| opentofu/setup-opentofu | #121 | Verify the downloaded OpenTofu CLI against the release's published SHA256SUMS by default (closes #117) | 🔵 Review |
| hashicorp/setup-terraform | #561 | Verify the downloaded Terraform CLI against HashiCorp's signed SHA256SUMS before install (closes #556) | 🔵 Review |
| open-telemetry/opentelemetry-helm-charts | #2258 | Honor schedulerName in daemonset and statefulset collector modes | 🔵 Review |
| vectordotdev/vector | #25607 | host_metrics temperature collector (sysinfo Components) | 🔵 Review |
| hashicorp/terraform-provider-kubernetes | #2905 | Add env_from_map provider-defined function |
🔵 Review |
| FairwindsOps/polaris | #1201 | Add SARIF output format to audit CLI | 🔵 Review |
| helm/chart-testing-action | #210 | Report a clear error when blob verification fails | 🔵 Review |
| nginx/nginx-gateway-fabric | #5392 | Add GEP-713 Programmed status condition to custom policies | 🔵 Review |
| helm/chart-testing | #841 | Honor --release-name instead of generating one |
🔵 Review |
| percona/percona-helm-charts | #862 | pmm gRPC ClusterIP nodePort fix | 🔵 Review |
| meshery/meshery | #19866 | Fix export flag validation + tests | 🔵 Review |
| dependabot/dependabot-core | #15199 | Identify Dependabot commits by author name | 🔵 Review |
| aquasecurity/trivy | #10770 | Add --color flag for table output |
🔵 Review |
| Project | PR | Contribution | Status |
|---|---|---|---|
| astral-sh/setup-uv | #918 | Add uv.lock as a version-file source so the exact pinned uv version is installed for deterministic CI |
✅ Merged |
| buildpacks/github-actions | #428 | Add pack-version-file input and default-on SHA256 download verification to the setup-pack action | 🔵 Review |
| yokawasa/action-setup-kube-tools | #98 | Add a version-file (.tool-versions) input to pin tool versions from a file | 🔵 Review |
| hashicorp/setup-packer | #177 | Add version-file input to read the Packer version from a .tool-versions file |
🔵 Review |
| sigstore/cosign-installer | #242 | Add cosign-release-file input (read the cosign version from an asdf .tool-versions / plain version file) | 🔵 Review |
| helm/kind-action | #162 | Add version_file input to load the kind version from an asdf .tool-versions or plain version file | 🔵 Review |
| terraform-linters/setup-tflint | #448 | Add a tflint_version_file input to pin the TFLint version from an asdf/mise .tool-versions or plain version file |
🔵 Review |
| extractions/setup-just | #29 | Add just-version-file input to resolve the version from a .tool-versions/plain file |
🔵 Review |
| actions/setup-dotnet | #743 | Add dotnet-version-file input — read the .NET SDK version from a .tool-versions / global.json file (closes #459) |
🔵 Review |
| astral-sh/ruff-action | #379 | Add uv.lock as a supported version-file format |
🔵 Review |
| cloudposse/github-action-setup-atmos | #110 | Add atmos-version-file input — resolve the Atmos version from a .tool-versions/plain version file |
🔵 Review |
| Azure/setup-helm | #281 | Add version-file input to read the Helm version from a .tool-versions file |
🔵 Review |
| Project | PR | Contribution | Status |
|---|---|---|---|
| nginx/nginx-gateway-fabric | #5440 | Refactor secret deprovisioning to remove gocyclo lint debt (#5253) | ✅ Merged |
| nginx/nginx-gateway-fabric | #5439 | Refactor TLS certificate reference resolver to reduce cyclomatic complexity (gocyclo tech-debt slice of #5253) | ✅ Merged |
| nginx/nginx-gateway-fabric | #5438 | Refactor listener port-conflict resolver to remove a gocyclo exception | ✅ Merged |
| nginx/nginx-gateway-fabric | #5480 | Refactor createHTTPFilters to remove gocyclo nolint | 🔵 Review |
| nginx/nginx-gateway-fabric | #5461 | Reduce cyclomatic complexity of the provisioner store's Gateway-resource lookup | 🔵 Review |
| nginx/nginx-gateway-fabric | #5455 | Extract parent ref resolution from bindL7RouteToListeners to remove the gocyclo lint exception | 🔵 Review |
| nginx/nginx-gateway-fabric | #5454 | Simplify getResourceVersionForObject by extracting a name-match helper to remove the gocyclo lint exception | 🔵 Review |
| nginx/nginx-gateway-fabric | #5453 | Simplify registerResourceInGatewayConfig by extracting a get-or-create helper to remove the gocyclo lint exception | 🔵 Review |
| nginx/nginx-gateway-fabric | #5452 | Refactor provisionNginx to remove the gocyclo lint exception by decomposing it into focused helpers | 🔵 Review |
| nginx/nginx-gateway-fabric | #5441 | Refactor addBackendRefsToRules into helpers to drop the gocyclo nolint (#5253) | 🔵 Review |
| Project | PR | Contribution | Status |
|---|---|---|---|
| losisin/helm-values-schema-json | #359 | Add --bundle-cache-min flag to override min schema cache duration |
✅ Merged |
| losisin/helm-values-schema-json | #357 | Deduplicate bundle flag registration via shared helper | ✅ Merged |
| losisin/helm-values-schema-json | #355 | Add lint subcommand |
✅ Merged |
| losisin/helm-values-schema-json | #354 | Add bundle subcommand |
✅ Merged |
| losisin/helm-values-schema-json | #365 | Add shorthand for the const and default schema annotations to reuse the field's own YAML value | 🔵 Review |
| losisin/helm-values-schema-json | #360 | Add nullable schema annotation | 🔵 Review |
| Project | PR | Contribution | Status |
|---|---|---|---|
| getmoto/moto | #10062 | Add EC2 snapshot tiering APIs (archive / describe-status / restore) | ✅ Merged |
| getmoto/moto | #10068 | Omit unset optional fields from Transfer describe responses | 🔵 Review |
| getmoto/moto | #10067 | Add Kinesis Firehose Iceberg destination support | 🔵 Review |
| getmoto/moto | #10065 | Add AppMesh VirtualGateway and GatewayRoute API support | 🔵 Review |
