Proposing addition to the awesome-devops list.
Tool: Workflow Guardian
Repository: https://github.com/ollieb89/workflow-guardian
Category: CI/CD Security & Governance
What it does
Automated policy validation and linting for GitHub Actions workflows. Detects secrets exposure, enforces YAML schema compliance, validates runner configurations, and maintains audit trails for workflow changes.
Why it matters
- Prevents accidental credential leaks in CI/CD pipelines
- Enforces compliance across teams without manual code review overhead
- Available as CLI tool + GitHub Action for seamless integration
- Open source (MIT) with active development
Key capabilities
✓ Secret detection (bare tokens in logs, artifact names, etc.)
✓ YAML structure + schema validation
✓ Runner context validation (host/self-hosted mismatch detection)
✓ Step dependency chain analysis
✓ Audit logging for workflow modifications
✓ Custom policy rule support
Perfect fit for DevOps teams building secure CI/CD infrastructure at scale.