A declarative, provider-agnostic cloud development environment system. Deploy consistent development environments to Fly.io, local Docker, or via DevPod to Kubernetes, AWS, GCP, Azure, and other cloud providers using YAML-defined extensions.
🔐 Secure Supply Chain: All release images are signed with Cosign, include SBOM (Software Bill of Materials), and have SLSA Level 3 provenance attestations.
███████╗██╗███╗ ██╗██████╗ ██████╗ ██╗
██╔════╝██║████╗ ██║██╔══██╗██╔══██╗██║
███████╗██║██╔██╗ ██║██║ ██║██████╔╝██║
╚════██║██║██║╚██╗██║██║ ██║██╔══██╗██║
███████║██║██║ ╚████║██████╔╝██║ ██║██║
╚══════╝╚═╝╚═╝ ╚═══╝╚═════╝ ╚═╝ ╚═╝╚═╝
🔨 Forging Development Environments
📦 https://github.com/pacphi/sindri
Sindri (Old Norse: "spark") was a legendary dwarf blacksmith in Norse mythology, renowned for forging three of the most powerful artifacts: Mjölnir (Thor's hammer), Draupnir (Odin's ring), and Gullinbursti (Freyr's golden boar).
Like its mythological namesake, Sindri forges powerful development environments from raw materials—transforming cloud infrastructure, YAML configuration, and Docker into consistent, reproducible developer workspaces.
# Pull the Docker image
docker pull ghcr.io/pacphi/sindri:v3
# Or download the CLI binary
wget https://github.com/pacphi/sindri/releases/latest/download/sindri-linux-x86_64.tar.gz
tar -xzf sindri-linux-x86_64.tar.gz
sudo mv sindri /usr/local/bin/# Initialize configuration
sindri config init --provider kubernetes
# Deploy with automatic image version resolution
sindri deploy
# Verify image security
sindri image verify ghcr.io/pacphi/sindri:v3.0.0# List available versions
sindri image list
# Inspect image details
sindri image inspect ghcr.io/pacphi/sindri:v3.0.0 --sbom
# Check current image
sindri image currentDeploy to multiple cloud providers using the same configuration:
- Docker & Docker Compose
- Fly.io
- Kubernetes (kind, k3d, EKS, GKE, AKS)
- DevPod (AWS, GCP, Azure, DigitalOcean)
- E2B
- Signed Images: All releases signed with Cosign (keyless)
- SBOM: Software Bill of Materials in SPDX format
- SLSA Provenance: Level 3 build attestations
- Vulnerability Scanning: Trivy scans on every CI build
- Build Once, Promote Often: CI builds once, releases retag (no rebuild)
- Version Resolution: Semantic versioning constraints
- Signature Verification: Automatic verification before deployment
- Registry-First: GHCR as single source of truth
Install development tools declaratively using profiles or individual extensions.
MIT License - see LICENSE file for details.
![@github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=64&v=4){kind=small}
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}