
Research
SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.
cdk8s-plone
Advanced tools
TypeScript and Python library for deploying Plone CMS to Kubernetes using CDK8S
cdk8s-plone provides CDK8S constructs for deploying Plone CMS on Kubernetes. Define your infrastructure using TypeScript or Python and generate Kubernetes manifests automatically.
Key Features:
TypeScript/JavaScript:
npm install @bluedynamics/cdk8s-plone
Python:
pip install cdk8s-plone
import { App, Chart } from 'cdk8s';
import { Plone, PloneVariant } from '@bluedynamics/cdk8s-plone';
const app = new App();
const chart = new Chart(app, 'PloneDeployment');
new Plone(chart, 'my-plone', {
variant: PloneVariant.VOLTO,
backend: {
image: 'plone/plone-backend:6.1.3',
replicas: 3,
},
frontend: {
image: 'plone/plone-frontend:16.0.0',
replicas: 2,
},
});
app.synth();
Generate Kubernetes manifests:
cdk8s synth
kubectl apply -f dist/
📚 Full documentation: https://bluedynamics.github.io/cdk8s-plone/
Complete working examples are available in the examples/ directory:
Production Volto - Production-ready Plone 6 deployment with modern UI:
Classic UI - Traditional Plone deployment with server-side rendering:
Enable Prometheus ServiceMonitor for metrics collection (requires Prometheus Operator):
new Plone(chart, 'my-plone', {
backend: {
servicemonitor: true,
metricsPath: '/metrics', // optional, defaults to '/metrics'
},
frontend: {
servicemonitor: true,
metricsPort: 9090, // optional, defaults to service port
},
});
Note: You must instrument your Plone backend/frontend to expose metrics at the configured endpoint. For Volto/Node.js frontends, consider using prom-client or express-prometheus-middleware.
For detailed setup instructions, see Setup Prerequisites.
This project uses Projen for project management.
# Install dependencies
npm install
# Run tests
npm test
# Build
npm run build
# Update project configuration
# Edit .projenrc.ts, then run:
npx projen
For detailed development instructions, see CONTRIBUTING.md (if available).
Maintained by Blue Dynamics Alliance
Author: Jens W. Klein (jk@kleinundpartner.at)
FAQs
Provides a CMS Plone Backend and Frontend for Kubernetes with cdk8s
We found that cdk8s-plone demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

Company News
Socket is proud to join the OpenJS Foundation as a Silver Member, deepening our commitment to the long-term health and security of the JavaScript ecosystem.

Security News
npm now links to Socket's security analysis on every package page. Here's what you'll find when you click through.