I build cloud-native systems engineered for scale, reliability, and security — with a strong focus on AI infrastructure and DevSecOps.
Working across Kubernetes, Terraform, CI/CD, cloud platforms,Agentic Systems. I translate complex ideas into production-grade systems designed for real-world workloads.
Currently exploring the intersection of security, AI systems, and distributed cloud infrastructure, where resilience and intelligence converge with optimal resource utilisation.
- Cloud-native system architecture
- AI infrastructure engineering
- Secure software supply chains
- Observability, reliability, and runtime resilience
Autonomous AI-driven CVE remediation and runtime validation system for containerized workloads.
Designed as a production-oriented GitHub Marketplace Action that detects vulnerabilities, generates secure Dockerfile patches using AI, validates fixes in ephemeral Kubernetes environments, and automatically opens review-ready pull requests.
- Detects container CVEs using Trivy
- Generates remediation patches using local or cloud LLMs
- Performs Docker build smoke validation
- Deploys patched workloads into ephemeral KinD clusters
- Re-scans images to verify remediation success
- Creates automated pull requests with audit evidence
- Local Ollama inference for zero-data-egress remediation
- Gemini and OpenAI integration for accelerated patch generation
- Model-driven Dockerfile transformation pipeline
- Secure side-by-side patch generation (
Dockerfile.patched)
- Instruction-level hallucination defense engine
- Docker syntax whitelist enforcement
- Runtime validation through KinD Kubernetes clusters
- CrashLoopBackOff detection and deployment verification
- RBAC-aware Kubernetes deployment model
- Secure-by-default container hardening policies
🔗 Repository:
👉 https://github.com/barbaria888/SupplyChain-Guardian-AI-Github_Action
Cloud-native autonomous system for Kubernetes troubleshooting using local AI, observability tools, and secure execution pipelines.
It analyzes cluster issues, reasons about root causes, and safely suggests remediations through a human-approved workflow.
🧠 Core Workflow
- Detects issues using RunWhen Codebundles
- Reasons with local LLMs (Ollama + Gemma) or Nvidia nim apis (OpenAI standard)
- Retrieves historical incidents via ChromaDB
- Generates safe kubectl remediation commands
- Executes only after human approval via dashboard
⚙️ Architecture
Frontend: React + Vite (Nginx-served dashboard)
Backend: FastAPI orchestration layer (agent-based system)
AI Layer: Ollama (local inference) , Gemma:2b
Memory: ChromaDB (incident recall + context)
Tools: K8sGPT + kubectl execution engine
🛡️ Safety Model
- Guardrails prevent destructive operations
- Human-in-the-loop approval before execution
- Fully local inference (no external AI APIs)
- RBAC-based cluster access control
- Auditability via stored incident history
🔗 Repository
https://github.com/barbaria888/KubeOps-AI
- 🏗️ Google Cloud – Professional Cloud Architect (PCA) & Professional Cloud DevOps Engineer Tracks, Architecting with GKE Specialization, Logging & Monitoring
- 🔐 IBM – Monitoring and Observability for Development & DevOps, CI/CD pipelines (OpenShift/GitHub Actions)
- 🛡️ AI Security & Agents – Model Armor: Securing AI Deployments (OWASP LLM Top 10), Model Context Protocol (MCP Tools), Google ADK Agents
- 🧱 AWS – Cloud Essentials & Practitioner Professional Prep
- 🧿 Oracle Cloud – OCI Foundations Associate Certified
- 🦋 Platform & GitOps – Introduction to GitOps using Argo CD (Akuity), Vulnerability Management for Platform Engineers
OBSERVE IN SILENCE · BUILD IN DEPTH · STRIKE WITH PRECISION
Engineered beneath the surface. Proven where it matters.





