// PROJECT ARCHIVES

Projects

A collection of platforms, tools, and systems built to scale engineering operations and eliminate toil.

FEATURED PROJECTS

Enterprise AI Platform

Production-ready AWS Bedrock AI proxy/gateway built in under 5 months. Includes API Gateway with WAF and IP allowlist for Corp VPN egress, Lambda provisioner for self-service API key management with per-team rate limiting, DynamoDB usage tracking with per-model cost lookup, KMS encryption, CloudTrail audit logging, and cross-region inference profile support for Claude models.

AWS, Pulumi, Lambda, DynamoDB, API Gateway, WAF, KMS

GitHub Actions Runner Fleet

Fully Go-based Pulumi platform supporting ephemeral EKS nodes, ARM64, macOS (MacStadium), and Windows ARC runners across 6+ GitHub organizations — over 14 million job runs processed to date. Evolved from initial k8s-based actions-runner-controller deployments to a single-repo production EKS platform with hardened AMI pipelines.

Go, Pulumi, EKS, GitHub Actions, Docker, ARM64

GitHub Org-as-Code Platform

Pulumi-based self-service platform enabling engineering teams to manage GitHub repos, teams, branch protections, autolinks, secrets, and rulesets via PR-driven GitOps. Adopted across all 6 Tanium GitHub organizations with automated governance, including auto-opening Jira tickets on failure, auto-approval based on JSON schema validation, and admin membership enforcement.

Pulumi, Go, GitHub API, DynamoDB, GitOps

OTHER PROJECTS

GitHub Mass Repo Editing Tool

Python CLI for bulk cross-repository operations across GitHub Enterprise: add/remove files, in-place YAML workflow edits with regex path matching, and arbitrary script execution across all repos matching a name pattern. Auto-commits, pushes, and opens PRs on every matched repo. Used to execute large-scale migrations across 100+ repos.

Python, GitHub API, CLI, YAML

GitHub Actions Metrics Pipeline

Go-based metrics collection pipeline gathering workflow job run metrics, step status, container image usage, and runner queue depths across all GitHub orgs, feeding real-time Grafana dashboards used by DevOps leadership.

Go, Grafana, GitHub API

Enterprise AI Governance Framework

Risk-based Policy as Code system defining tiered approval workflows, decision trees for AI Assistant and MCP Server classification, tool category reference tables, and data access classification matrices for auditable AI adoption decisions.

Policy as Code, Risk Framework

AI Developer Toolchain Configuration

Modular AI developer configuration system — a symlink-based setup supporting Claude Code and Cursor with shared commands, agents, behavioral rules, hooks, templates, and output styles. Designed for maintainability across tool updates.

Shell, Claude Code, Cursor

Shared Go Logging Library

Standard structured logging interface using uber/zap for all DevOps Go services, reducing inconsistent logging patterns across Pulumi projects and CLI tools.

Go, uber/zap

CI/CD Observability Dashboards

Grafana dashboards for GitHub Actions infrastructure providing real-time visibility into runner queue depth, workflow failure rates, job duration, runner utilization, and infrastructure health.

Grafana, Metrics, Go