Privateer is a validation framework that simplifies infrastructure testing and compliance validation. Built with infrastructure engineers in mind, Privateer helps accelerate security and compliance validation of any software asset.
- Community-Driven Plugins: Plugins are crafted and maintained collaboratively by the community or privately within your organization
- Comprehensive Resource Validation: Validate diverse resources in a single execution, regardless of how many resources or validations you need to queue
- Consistent Machine-Readable Output: Standardized output simplifies automation and integration
- Plugin Generation: Generate plugin scaffolding from Gemara Layer 2 schema catalogs with the push of a button
For detailed ecosystem documentation, visit privateerproj.com
Click the star at the top right of this page so that you can find it easily the next time you sign in to GitHub.
Option 1: Install via Script
/bin/bash -c "$(curl -sSL https://raw.githubusercontent.com/privateerproj/privateer/main/install.sh)"Option 2: Download from Releases Download the latest release from GitHub Releases.
Option 3: Build from Source
git clone https://github.com/privateerproj/privateer.git
cd privateer
go mod tidy
make buildWe do not currently maintain an authoritative list of community plugins, but a good place to start would be the OpenSSF's plugin for scanning GitHub repos against the Open Source Project Security Baseline.
Plugin installation is currently left to the user. The default location for plugin binaries is $HOME/.privateer/bin. You may specify a different location at runtime via --binaries-path if you install your plugins elsewhere.
To review the plugins you have installed, run privateer list -a.
We welcome contributions! See our Contributing Guidelines for details.
All contributions are covered by the Apache 2 License at the time the pull request is opened, and all community interactions are governed by our Code of Conduct.
- Go 1.25.1 or later - Required for building Privateer and running tests
- Make - For using the Makefile build targets
Run all tests:
make testRun tests with coverage:
make testcovmake binary- Build the binarymake test- Run tests and vet checksmake testcov- Run tests with coverage reportmake tidy- Clean up go.mod dependenciesmake release- Build release binaries for all platformsmake build- Alias fortidy test binary
privateer/
├── cmd/ # CLI commands (run, list, generate-plugin, etc.)
├── test/ # Test data and fixtures
├── build/ # Build scripts and CI configurations
├── main.go # Application entry point
└── go.mod # Go module dependencies
For vulnerability reporting, please reference our Security Policy. For security questions, please search our closed issues and open a new issue if your question has not yet been answered.
- Privateer SDK - SDK for developing Privateer plugins
- Privateer Documentation - Complete documentation site
- Example Plugin - Reference implementation