I build cloud-native systems engineered for scale, reliability, and security — with a strong focus on AI infrastructure and DevSecOps.

Working across Kubernetes, Terraform, CI/CD, cloud platforms,Agentic Systems. I translate complex ideas into production-grade systems designed for real-world workloads.

Currently exploring the intersection of security, AI systems, and distributed cloud infrastructure, where resilience and intelligence converge with optimal resource utilisation.

• Cloud-native system architecture
• AI infrastructure engineering
• Secure software supply chains
• Observability, reliability, and runtime resilience

Autonomous AI-driven CVE remediation and runtime validation system for containerized workloads.

Designed as a production-oriented GitHub Marketplace Action that detects vulnerabilities, generates secure Dockerfile patches using AI, validates fixes in ephemeral Kubernetes environments, and automatically opens review-ready pull requests.

• Detects container CVEs using Trivy
• Generates remediation patches using local or cloud LLMs
• Performs Docker build smoke validation
• Deploys patched workloads into ephemeral KinD clusters
• Re-scans images to verify remediation success
• Creates automated pull requests with audit evidence

• Local Ollama inference for zero-data-egress remediation
• Gemini and OpenAI integration for accelerated patch generation
• Model-driven Dockerfile transformation pipeline
• Secure side-by-side patch generation (Dockerfile.patched)

• Instruction-level hallucination defense engine
• Docker syntax whitelist enforcement
• Runtime validation through KinD Kubernetes clusters
• CrashLoopBackOff detection and deployment verification
• RBAC-aware Kubernetes deployment model
• Secure-by-default container hardening policies

Scanning: Trivy + SBOM generation
AI Layer: Ollama / Gemini / OpenAI
Validation: KinD ephemeral Kubernetes clusters
Orchestration: GitHub Actions automation pipeline
Compliance: Audit logs + remediation evidence artifacts

• Zero-trust deployment validation
• Human-reviewable AI remediation workflows
• Runtime verification before merge approval
• Immutable auditability for AI-generated patches
• Automated secure software supply-chain enforcement

• Autonomous CVE remediation systems
• AI-assisted infrastructure hardening
• Secure software supply chains
• Kubernetes runtime validation
• AI + DevSecOps convergence
• Self-healing infrastructure pipelines

🔗 Repository:
👉 https://github.com/barbaria888/SupplyChain-Guardian-AI-Github_Action

Cloud-native autonomous system for Kubernetes troubleshooting using local AI, observability tools, and secure execution pipelines.

It analyzes cluster issues, reasons about root causes, and safely suggests remediations through a human-approved workflow.

🧠 Core Workflow

• Detects issues using K8sGPT
• Reasons with local LLMs (Ollama + Gemma)
• Retrieves historical incidents via ChromaDB
• Generates safe kubectl remediation commands
• Executes only after human approval via dashboard

⚙️ Architecture

Frontend: React + Vite (Nginx-served dashboard)
Backend: FastAPI orchestration layer (agent-based system)
AI Layer: Ollama (local inference) , Gemma:2b Memory: ChromaDB (incident recall + context)
Tools: K8sGPT + kubectl execution engine

🛡️ Safety Model

• Guardrails prevent destructive operations
• Human-in-the-loop approval before execution
• Fully local inference (no external AI APIs)
• RBAC-based cluster access control
• Auditability via stored incident history

📌 Focus Areas

• Agentic AI for infrastructure operations
• Local LLM deployment in Kubernetes
• Memory-augmented troubleshooting systems
• Cloud-native AI system design (GKE / K3s)

🔗 Repository
https://github.com/barbaria888/KubeOps-AI

A production-grade DevSecOps + GitOps pipeline with strong security and quality enforcement.

• 🔍 Code Security — CodeQL (SAST): Detects vulnerabilities (injection, secrets, auth flaws, etc.)
• 🧹 Linting — Code Quality Gate: Enforces clean, maintainable code
• 🧪 Automated Tests: Prevents regressions across services
• 🐳 Docker Build: Secure, reproducible container builds
• 🛡️ Container Security — Trivy Scan: Detects OS/package vulnerabilities & CVEs
• 📦 Artifact Distribution: Pushes verified images to Docker Hub

• Security embedded into CI/CD pipelines
• Shift-left vulnerability detection
• Secure software supply chain (SCA + SBOM)
• GitOps-based deployments with declarative control
• End-to-end pipeline gating for production readiness

🔗 Repository:
👉 https://github.com/Dhruvsahu1/Educonnect-D/

• ☁️ Deploying AI workloads on cloud(GCP) and localised ai inference and model serving.
• ⚡ Exploring real world monitoring using prometheus,grafana,otel,Datadog, metrics,traces,logs alerting.
• 🔐 Strengthening runtime security layers, throughout the SDLC
• Moving toward fully automated, scalable AI platforms

• 🏗️ Google Cloud – Architecting with GKE, Terraform, AI Infrastructure (in progress)
• 🔐 IBM – Application Security for Devs & DevOps (in progress)
• 🧱 AWS – Cloud Essentials & Practitioner Prep
• 🧿 Oracle Cloud – OCI Foundations Associate
• 🦋 CNCF Stack – Kubernetes, Argo CD, OpenShift, Tekton

🎓 Continuous learning through hands-on labs, real systems, and applied projects—not just coursework.

OBSERVE IN SILENCE · BUILD IN DEPTH · STRIKE WITH PRECISION

Engineered beneath the surface. Proven where it matters.