vertti / preflight
Validation toolkit for containers and CI. Single binary, zero dependencies.
AI Architecture Analysis
This repository is indexed by RepoMind. By analyzing vertti/preflight in our AI interface, you can instantly generate complete architecture diagrams, visualize control flows, and perform automated security audits across the entire codebase.
Our Agentic Context Augmented Generation (Agentic CAG) engine loads full source files into context on-demand, avoiding the fragmentation of traditional RAG systems. Ask questions about the architecture, dependencies, or specific features to see it in action.
Embed this Badge
Showcase RepoMind's analysis directly in your repository's README.
Repository Overview (README excerpt)
Crawler viewPreflight > Validation toolkit for containers and CI. Single binary, zero dependencies. Quick Start What It Does Pre-flight checks for containers: verify services, environment, dependencies. Each check does multiple things and tells you exactly what failed. • **One command, multiple checks** — verifies: on PATH, actually runs, returns version, meets constraint • **Works without a shell** — Runs in distroless/scratch, no shell required • **Container-aware** — Reads cgroup limits, not just host /proc/meminfo • **Version constraints** — uses semver, not string comparison Exit code on success, on failure. Works with , Docker , and CI pipelines. Use Cases • **Docker builds** — verify binaries, configs during image build • **Startup** — wait for databases before your app starts • **CI** — validate environment, connectivity, checksums • **Health checks** — HTTP/TCP without curl or netcat FAQ Why not just shell scripts? Shell works for simple checks. But this: Becomes: Preflight also helps when you need: • Checks in minimal images (no shell available) • Container-aware resource limits (cgroup detection) • Semantic version constraints ( , ) • Consistent output format across all checks Does this add bloat/attack surface? • 2MB binary (Linux), no C dependencies • 3 direct dependencies (cobra, semver, x/term) • Security scans on every commit (govulncheck, gosec) • Auto-updated via Renovate To exclude from final image: multi-stage builds Why not curl for health checks? Curl works. Preflight is useful when curl isn't in your image, or you need JSON path assertions, built-in retry, or you're already using it for other checks. Install **In containers:** > Want to keep your final image lean? See Keeping Containers Clean for multi-stage builds and external validation. **On your machine / CI:** Other install methods Usage See the **full usage guide** for all commands and options. Check commands All cmd options Check environment variables All env options Check files and directories All file options Check HTTP endpoints All http options Verify file checksums All hash options Run checks from a file Create a file in your project: Run all checks: File format, discovery, and hashbang support Security Preflight is designed for security-sensitive environments like CI pipelines and container builds. We take code quality seriously: • **gosec** — Static analysis for security vulnerabilities • **govulncheck** — Dependency vulnerability scanning • **20+ linters** via golangci-lint including nil-safety and error handling checks All security checks run in CI on every commit. License Apache 2.0