Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
cloudstack-orchestrator
Artifacts are distributable versions of a package. It typically includes the source code and metadata
Advanced tools
cloudstack-orchestrator
CloudStack Orchestrator SDK and CLI for automated Kubernetes platform management
- Version
- 2.5.0
- Maintainers
- 1
CloudStack Orchestrator
A unified SDK and CLI for automated Kubernetes platform management using GitOps principles.
Features
- 🚀 Zero-touch cluster bootstrapping - Automated setup with minimal manual steps
- 🔐 Integrated secrets management - AWS Secrets Manager support with automatic generation
- 🤖 Multiple interfaces - Use as CLI or SDK for programmatic access
- ☁️ Multi-cloud ready - Support for AWS, GCP, Azure, and local development
- 🔄 GitOps native - Built on ArgoCD with the app-of-apps pattern
Installation
# Install from PyPI
uv tool install cloudstack-orchestrator
# Or add to your project
uv add cloudstack-orchestrator
Quick Start
CLI Usage
# Interactive setup
cso setup
# Non-interactive setup
cso setup \
--provider aws \
--cluster my-cluster \
--domain platform.example.com \
--github-org my-org \
--region us-east-1
# Check status
cso status
# Validate prerequisites
cso validate
SDK Usage
from cloudstack_orchestrator import CloudStackSDK, Config, CloudProvider
from cloudstack_orchestrator.core.config import GitHubConfig
# Create configuration
config = Config(
provider=CloudProvider.AWS,
region="us-east-1",
cluster_name="my-cluster",
domain="platform.example.com",
github=GitHubConfig(
org="my-org",
token="ghp_..."
)
)
# Initialize SDK
sdk = CloudStackSDK(config)
# Run setup
await sdk.setup()
# Check status
status = await sdk.get_status()
Architecture
CloudStack Orchestrator sets up:
- ArgoCD - GitOps continuous delivery
- Istio - Service mesh for traffic management
- Keycloak - Identity and access management
- Prometheus/Grafana - Monitoring and observability
- Cert-Manager - Automatic TLS certificate management
Development
# Clone the repository
git clone https://github.com/killerapp/cloudstack-orchestrator
cd cloudstack-orchestrator/cso-cli
# Install dependencies
uv sync
# Run tests
uv run pytest
# Run CLI in development
uv run python -m cloudstack_orchestrator.cli
Publishing to PyPI
# Build the package
uv build
# Publish to PyPI
uv publish
License
MIT
Keywords
FAQs
CloudStack Orchestrator SDK and CLI for automated Kubernetes platform management
We found that cloudstack-orchestrator demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026