CascadeGuard
Event-driven container image lifecycle management and supply chain attack prevention.
Architecture
- CLI-first — Python-based CLI for scanning, promoting, and managing container images
- Event-driven — responds to registry events, CI triggers, and scheduled scans
- Multi-repo — core CLI, GitHub Actions, hardened base images, exemplars
- GitOps — state repos track desired image state, ArgoCD applies
Key Facts
- Core repo: cascadeguard/cascadeguard
- Tech: Python, YAML
- License: BSL 1.1 → Apache 2.0 (2030-04-04)
- Project: cascadeguard
- Products: cascadeguard-oss, cascadeguard-premium
Components
| Component | Repo | Purpose |
|---|---|---|
| Core CLI | cascadeguard | Image lifecycle management |
| Actions | cascadeguard-actions | Reusable GitHub Actions |
| Open Secure Images | cascadeguard-open-secure-images | Hardened base images, daily CVE scanning |
| Exemplar | cascadeguard-exemplar | Example state repo |
| Docs | cascadeguard-docs | Documentation site |
Subsumes
- image-factory — Image Factory’s functionality is being migrated into CascadeGuard CLI