Containerize anything. Ship everywhere. OCI-compliant, multi-language, batteries included.
Project description
██████╗ ██████╗ ███╗ ██╗████████╗ █████╗ ██╗███╗ ██╗███████╗██████╗ ██████╗ ███████╗
██╔════╝██╔═══██╗████╗ ██║╚══██╔══╝██╔══██╗██║████╗ ██║██╔════╝██╔══██╗██╔════╝ ██╔════╝
██║ ██║ ██║██╔██╗██║ ██║ ███████║██║██╔██╗██║█████╗ ██████╔╝██║ ███╗█████╗
██║ ██║ ██║██║╚████║ ██║ ██╔══██║██║██║╚████║██╔══╝ ██╔══██╗██║ ██║██╔══╝
╚██████╗╚██████╔╝██║ ╚███║ ██║ ██║ ██║██║██║ ╚███║███████╗██║ ██║╚██████╔╝███████╗
╚═════╝ ╚═════╝ ╚═╝ ╚══╝ ╚═╝ ╚═╝ ╚═╝╚═╝╚═╝ ╚══╝╚══════╝╚═╝ ╚═╝ ╚═════╝ ╚══════╝
Containerize anything. Ship everywhere.
Installation · Quick Start · Commands · Config · Contributing
ContainerForge detects your app's language and framework, generates an OCI-compliant multi-stage Dockerfile, wires up databases, adds a self-healing sidecar with Prometheus metrics, and ships Kubernetes manifests and CI/CD pipelines — all from a single command.
What it does
containerforge build ./my-api
That one command:
- Detects language + framework (Python/Node/Go/Java/Ruby/Rust/PHP/.NET, 40+ frameworks)
- Generates an OCI-compliant multi-stage Dockerfile (distroless for Go/Rust, slim for everything else)
- Injects
/healthand/telemetryendpoints (Python apps, zero code changes) - Wires detected databases (postgres, mysql, redis, mongo, elastic, kafka, rabbitmq) into docker-compose
- Deploys a sidecar watchdog that auto-restarts failed containers and exports Prometheus metrics
- Scans the built image with Trivy for CVEs before you push
- Builds and launches everything with
docker compose up -d
Optional flags unlock more:
containerforge build ./my-api --with-k8s --with-cicd --with-dash --push docker.io/myorg
Installation
pip install containerforge
Or install from source:
git clone https://github.com/containerforge/containerforge
cd containerforge
pip install -e .
Optional dependencies:
| Feature | Requirement |
|---|---|
| Vulnerability scanning | Trivy |
| AI analysis | ANTHROPIC_API_KEY environment variable |
| Cloud deploy | aws/gcloud/az/fly CLIs |
| Kubernetes | kubectl |
Quick Start
# Detect what you have
containerforge detect ./my-app
# Generate all files + build + run
containerforge build ./my-app
# Generate files only (no docker build)
containerforge build ./my-app --no-build
# Full pipeline: k8s + CI/CD + Grafana + push
containerforge build ./my-app \
--with-k8s --with-cicd --with-dash \
--push docker.io/myorg
# Write a containerforge.yml to commit to version control
containerforge init ./my-app
Commands
| Command | Description |
|---|---|
build |
Detect + containerize + build + run |
detect |
Scan source dir, report language/framework/OCI metadata |
init |
Write a starter containerforge.yml |
scan |
Run Trivy vulnerability scan |
k8s |
Generate Kubernetes manifests |
cicd |
Generate CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins) |
deploy |
Deploy to cloud (aws / gcp / azure / fly) |
dashboard |
Generate Grafana dashboard + Prometheus config |
analyze |
AI-powered containerization quality analysis |
clean |
Remove all generated files |
list-supported |
Show all supported languages, frameworks, clouds |
build
containerforge build ./my-app [OPTIONS]
Options:
-n, --name TEXT Image/service name (default: directory name)
-p, --port INT Override detected port
-t, --tag TEXT Docker image tag (default: latest)
-l, --lang TEXT Override language detection
-f, --framework TEXT Override framework detection
--platform TEXT OCI target platform (default: linux/amd64)
--no-inject Skip /health endpoint injection
--no-scan Skip Trivy scan
--no-build Generate files only
--no-run Build image but skip compose up
--with-k8s Also generate Kubernetes manifests
--with-cicd Also generate CI/CD pipelines
--with-dash Also generate Grafana dashboard
--push TEXT Push to registry after build
--ai Run LLM analysis (requires ANTHROPIC_API_KEY)
k8s
containerforge k8s ./my-app --namespace production --replicas 3 --ingress --hpa
Generates k8s/ with:
00-namespace.yaml— Namespace01-serviceaccount.yaml— ServiceAccount (no token automount)02-configmap.yaml— Non-sensitive env vars03-secret.yaml— Secret template (never commit real values)04-deployment.yaml— Deployment with liveness/readiness/startup probes, resource limits, anti-affinity, seccomp05-service.yaml— ClusterIP Service06-networkpolicy.yaml— Deny-all NetworkPolicy with explicit allowances07-pdb.yaml— PodDisruptionBudget (minAvailable: 1)08-ingress.yaml— Ingress with cert-manager TLS (optional)09-hpa.yaml— HorizontalPodAutoscaler (optional)kustomization.yaml— Kustomize entry point
cicd
containerforge cicd ./my-app --provider github
Generates pipelines with stages: test → build → scan (Trivy/SARIF) → push → deploy
- GitHub Actions —
.github/workflows/containerforge.yml- Uploads Trivy results to GitHub Security tab
- Generates + uploads SBOM artifact
- Multi-platform builds (amd64 + arm64) on push to main
- GitLab CI —
.gitlab-ci.yml- Container scanning report
- Manual deploy gate to production
- Jenkins —
Jenkinsfile(declarative pipeline)
deploy
containerforge deploy ./my-app --provider aws --region us-east-1
| Provider | Service | IaC |
|---|---|---|
aws |
ECS Fargate | CloudFormation + deploy script |
gcp |
Cloud Run | Cloud Run YAML + deploy script |
azure |
Container Apps | Bicep + deploy script |
fly |
Fly.io Machines | fly.toml + deploy script |
Use --gen-only to write IaC files without executing the deploy.
analyze
export ANTHROPIC_API_KEY=sk-ant-...
containerforge analyze ./my-app
Uses Claude to review your Dockerfile and source code. Returns:
- Production readiness score (0–100) with breakdown by category
- Security issues (hardcoded secrets, non-root user, missing caps)
- Dockerfile optimizations (layer caching, image size, multi-stage)
- Top 5 ranked recommendations with code snippets
Configuration
Create containerforge.yml in your app directory (or run containerforge init ./my-app):
# containerforge.yml — commit this to version control
name: my-api
lang: python
framework: flask
port: 5000
tag: latest
platform: linux/amd64
# Observability
sidecar_port: 9090
inject_health: true
# Security
scan: true
sbom: false
# Databases (auto-detected, or specify explicitly)
databases:
- postgres
- redis
# Secrets to expose as env vars
env_secrets:
- DATABASE_URL
- SECRET_KEY
# Registry
push_registry: docker.io/myorg
# Kubernetes
k8s:
namespace: production
replicas: 3
ingress: true
ingress_host: api.example.com
hpa: true
min_replicas: 2
max_replicas: 20
# Cloud deploy
cloud:
provider: aws
region: us-east-1
CLI flags always override containerforge.yml values.
Supported Languages & Frameworks
| Language | Frameworks | Runtime Image |
|---|---|---|
| Python | Flask, FastAPI, Django, Starlette, Tornado, aiohttp, Sanic, Bottle, Litestar | python:3.x-slim |
| Node.js | Express, Fastify, Next.js, NestJS, Koa, Hapi, Nuxt | node:20-alpine |
| Go | Gin, Echo, Fiber, Chi, Gorilla Mux, net/http | distroless/static |
| Java | Spring Boot, Quarkus, Micronaut, Vert.x | temurin:21-jre-alpine |
| Ruby | Rails, Sinatra, Hanami, Grape | ruby:3.x-slim |
| Rust | Actix-web, Axum, Warp, Rocket | distroless/cc |
| PHP | Laravel, Symfony, Slim, Lumen | php:8.x-fpm-alpine |
| .NET | ASP.NET Core, Blazor | dotnet/aspnet:8.0-alpine |
Auto-detected Databases
ContainerForge scans your dependency files and env vars to detect:
| Database | Image | Auto-wired env var |
|---|---|---|
| PostgreSQL | postgres:16-alpine | DATABASE_URL |
| MySQL | mysql:8-oracle | DATABASE_URL |
| Redis | redis:7-alpine | REDIS_URL |
| MongoDB | mongo:7 | MONGODB_URI |
| Elasticsearch | elasticsearch:8.x | ELASTICSEARCH_URL |
| RabbitMQ | rabbitmq:3-management | RABBITMQ_URL |
| Apache Kafka | confluentinc/cp-kafka:7.x | KAFKA_BROKERS |
Sidecar Watchdog
Every app gets a FastAPI sidecar container that:
- Polls
/healthevery 10 seconds - Auto-restarts the app container after 3 consecutive failures (via Docker socket)
- Exports Prometheus metrics at
:9090/sidecar/metrics - Serves status/history at
:9090/sidecar/status - Optionally sends webhook alerts (Slack/PagerDuty)
OCI Compliance
All generated Dockerfiles follow the OCI Image Spec:
org.opencontainers.image.*labels on every imagesyntax=docker/dockerfile:1.6BuildKit headerSTOPSIGNAL SIGTERMon every image- Fixed UID/GID non-root user (
1001:1001) --platformARG for cross-architecture builds- Multi-stage builds with minimal runtime layers
Contributing
We welcome contributions of all kinds. See CONTRIBUTING.md to get started.
Good first issues:
- Add a new language or framework to
analyzer/source_detector.py - Add a new database to
generator/db_wirer.py - Improve Kubernetes resource presets
- Add a new cloud provider to
cloud/cloud_deployer.py
License
Apache 2.0 — see LICENSE.
Built with ❤️ by the ContainerForge community
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
containerforge-2.1.1.tar.gz
(76.1 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file containerforge-2.1.1.tar.gz.
File metadata
- Download URL: containerforge-2.1.1.tar.gz
- Upload date:
- Size: 76.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
98f87f1a2f7e8438c6bd097f5f74aa96ffdbbe1ce8f2851cb41b212a0f8e4916
|
|
| MD5 |
326af39c4d5a42967257db61a89ba94c
|
|
| BLAKE2b-256 |
0040d85671b726840f0d84187c1fc4056030ea338a4a2048fd3f65ae510c4d36
|
File details
Details for the file containerforge-2.1.1-py3-none-any.whl.
File metadata
- Download URL: containerforge-2.1.1-py3-none-any.whl
- Upload date:
- Size: 74.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
730b8c8b870a259b6eee10684881fc37b77b6d7ba70e59d481ab525bd738d3de
|
|
| MD5 |
20c4bd09391a4dd591b167e0ea237408
|
|
| BLAKE2b-256 |
16ff97c8bc1279598f50e11dd33d84be4275d104262da0ac6d5e2710894000e4
|
