Skip to content

Tech Stack

A Tech Stack (Technology Stack) refers to the combination of languages, frameworks, tools, and infrastructure used to build, deploy, and run an application.

1. Category

1.1. DevOps

  1. Container Manager

    • Docker

      Docker is an open-source platform for automating the deployment, scaling, and management of applications using containerization.

    • Podman

      Podman is an open-source platform for automating the deployment, scaling, and management of applications using containerization without requiring a daemon.

  2. Git Hooks Manager

    • pre-commit

      A framework for managing and maintaining multi-language pre-commit hooks.

  3. Dependency Update Manager

    • Dependabot

      Dependabot is a tool to automatically update dependencies by creating pull requests.

    • Renovate

      Renovate is a tool to automatically update dependencies by creating pull requests.

  4. Release Manager

    • Semantic-Release

      Semantic-Release automates the release process by analyzing commit messages to release (major, minor, patch), generating release notes and changelogs.

  5. Task Manager / Runner

    • Make

      Make is a build automation tool that defines and manages tasks to streamline development workflows.

    • Task

      Task is a modern task runner that defines and manages tasks to streamline development workflows.

  6. Policy / Compliance Manager

    • Conftest

      Conftest is a tool for writing tests against structured configuration data using the Open Policy Agent (OPA) Rego language.

    • Regal

      Regal is a tool for writing tests against structured configuration data using the Open Policy Agent (OPA) Rego language, with a focus on testing Rego policies.

  7. Supply Chain Manager

    • Trivy

      Trivy is a comprehensive security scanner for vulnerabilities, misconfigurations, and compliance issues in container images, file systems, and Git repositories.

  8. Context / Environment Manager

    • direnv

      direnv is an environment switcher for the shell to automatically load and unload environment variables based on the current directory.

  9. Secrets Manager

    • SOPS

      SOPS (Secrets OPerationS) is an editor of encrypted files that supports YAML, JSON, ENV, and INI formats, to encrypt specific fields while keeping the overall structure of the file intact.

  10. Key Manager

    • Vaultwarden

      Vaultwarden is a self-hosted password manager compatible with Bitwarden clients, providing secure storage and management of passwords and sensitive information.

  11. Documentation Generators

    • MkDocs

      MkDocs is a Static Site Generator (SSG) designed for building project documentation using Markdown.

  12. Analysis

    • SAST

      SAST (Static Application Security Testing) is a method of analyzing source code or compiled code to identify security vulnerabilities and weaknesses without executing the program.

    • DAST

      DAST (Dynamic Application Security Testing) is a method of testing the security of an application while it is running.

    • SCA

      SCA (Software Composition Analysis) is a method of analyzing the components and dependencies of a software application to identify potential security vulnerabilities and license compliance.

  13. Version Control System (VCS)

    • Git

      Git is a distributed version control system to collaborate and coordinate on a project by tracking changes in source code during software development.

  14. Platform

    • GitHub

      GitHub is a web-based DevOps platform that provides version control and collaboration features for software development projects.

    • GitLab

      GitLab is a web-based and self-hosted DevOps platform that provides version control, CI/CD, and collaboration features for software development projects.

  15. Conventions & Style Guides

    • Zero Trust Architecture (ZTA)

      Zero Trust Architecture (ZTA) is a security model that requires strict identity verification, enforces continuous verification, least-privilege access, strong identity and device posture checks, and microsegmentation of the network perimeter.

1.2. Go

1.2.1. Backend

  1. Programming & Scripting

    • Go (Golang)

      A statically typed, compiled language.

  2. Dependency Manager

    • Go Modules

      Go Modules are the official dependency management system for Go, allowing developers to manage versions and dependencies of their projects.

  3. Test Frameworks

    • Testing

      Go builtin TDD-style testing framework for unit, fuzz, and bench tests.

    • GoConvey

      BDD-style testing framework.

  4. Cache Manager

    • GroupCache

      GroupCache is a caching and cache-filling library, intended as a replacement for memcached.

  5. Logging

    • Zap

      Fast, structured, leveled logging in Go.

    • Logrus

      Structured, pluggable logging for Go.

    • Zerolog

      Zero-allocation JSON logger.

  6. Authentication

    • Goth

      A package for handling OAuth and OAuth2 authentication.

  7. Authorization

    • Casbin

      An authorization library that supports access control models like ACL, RBAC, ABAC.

  8. Repository Strategy

    • Modular Monolith

      The Modular Monolith organizes a single application into distinct, self-contained modules within one repository.

  9. Conventions & Style Guides

    • Google Go Style Guide

      The Go Style Guide and accompanying documents codify the current best approaches for writing readable and idiomatic Go.

1.2.2. API

  1. Web Frameworks

    • Chi

      A lightweight, idiomatic web framework for Go.

    • Echo

      A fast and minimalist web framework for routing HTTP requests.

    • Gin

      Gin is a web framework.

    • Fiber

      Express inspired web framework built on top of Fasthttp.

  2. Documentation Generators

    • Swagger

      Swagger is a set of open-source tools built around the OpenAPI Specification that can help to design, build, document, and consume REST APIs.

1.2.3. Frontend

  1. Programming & Scripting

    • JavaScript

      JavaScript is a programming language that conforms to the ECMAScript specification.

    • TypeScript

      TypeScript is a superset of JavaScript that compiles to plain JavaScript.

  2. CSS Frameworks

    • TailwindCSS

      A utility-first CSS framework for rapidly building custom designs.

    • Bootstrap

      HTML, CSS, and JavaScript framework for developing responsive, mobile projects on the web.

  3. UI Frameworks

    • React

      React is a JavaScript library for building user interfaces.

    • Vue

      Vue is a progressive framework for building user interfaces.

  4. UI Components

    • DaisyUI

      DaisyUI is a component library for Tailwind CSS.

  5. State Manager

    • Redux

      Redux is a predictable state container for JavaScript apps.

    • Vuex

      Vuex is a state management pattern and library for Vue.js applications.

  6. Packaging

    • Webpack

      Webpack is a static module bundler for modern JavaScript applications.

    • Vite

      Vite is a build tool that aims to provide a faster and leaner development experience for modern web projects.

  7. Test Frameworks

    • Playwright

      Playwright is a framework for Web Testing and Automation to testing Chromium, Firefox and WebKit with a single API.

    • Jest

      Jest is a JavaScript Testing Framework.

1.2.4. Database

  1. Relational Drivers

    • pq

      Pure Go Postgres driver for database/sql.

    • pgx

      PostgreSQL driver and toolkit offering native bindings and database/sql compatibility.

    • sqlx

      Extensions to database/sql for Go with convenience helpers.

    • sqlc

      A SQL Compiler to generate type-safe code from SQL.

    • GORM

      A ORM (Object Relational Mapping) library to work with relational databases.

  2. Non-Relational Drivers

  3. In-Memory Drivers

    • go-redis/redis

      Redis client for Go supporting Cluster, Sentinel, and generic commands.

1.2.5. Hosting

  1. Web Servers

    • Caddy

      Caddy is a powerful, extensible, enterprise-ready web server with automatic HTTPS.

    • NGINX

      NGINX is a high-performance web server that can also be used as a reverse proxy, load balancer, mail proxy, and HTTP cache.

  2. Reverse Proxy

    • Traefik

      Traefik is a modern HTTP reverse proxy and load balancer for deploying microservices.

  3. Certificate Manager

    • Let's Encrypt

      Let's Encrypt is a free, automated, and open certificate authority providing SSL/TLS certificates.

  4. Container Registry

    • Docker Hub

      Public container registry for storing and distributing Docker images.

1.3. C/C++

1.3.1. Backend

  1. Programming & Scripting

    • C

      Standard C11/C17 is used for low-level programming and hardware interfacing.

    • C++

      Standard C++17 is utilized to leverage modern object-oriented and functional programming features while maintaining compatibility.

  2. Build Systems

    • CMake

      Cross-platform build-system generator. Preferred for modern C/C++ projects; integrates with multiple toolchains and CI systems.

    • Ninja

      Lightweight, fast build backend used as CMake's primary generator for improved build performance.

    • GNU Make

      Traditional make-based build tool for Unix-like environments and simple projects.

  3. Cache Manager

    • ccache

      A compiler cache to speeds up rebuilds by reusing previously compiled object files.

    • sccache

      A shared/remote compilation cache for distributed builds with Rust and C/C++ support.

  4. Dependency Manager

    • Conan

      A decentralized, cross-platform C/C++ package manager for dependency resolution, binary distribution, and reproducible builds.

    • Vcpkg

      A cross-platform C/C++ library manager that simplifies acquiring, building, and integrating third‑party dependencies.

  5. Compilers & Toolchains

    • GNU Compiler Collection (GCC)

      GCC is a compiler system supporting various programming languages for compiling C and C++ code on Unix-like systems.

    • Clang

      Clang is an open-source compiler for the C family of programming languages, offering fast compilation and user-friendly error messages.

  6. Analysis

    • SonarQube

      A platform for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities.

    • Clang-Format

      A tool to automatically format C/C++ code according to a set of rules and style guides.

    • Sanitizers

      A suite of runtime tools to detect various types of bugs, including memory errors (AddressSanitizer), undefined behavior (UndefinedBehaviorSanitizer), and thread data races (ThreadSanitizer).

  7. Test Framework

    • GoogleTest

      GoogleTest (gtest/gmock) is a testing framework for C++, providing a rich set of features for unit testing and test-driven development.

      • Google FuzzTest

        A library for coverage-guided fuzz testing of C++ code, integrated with GoogleTest.

      • Google Benchmark

        A microbenchmark support library for GoogleTest, designed to measure the performance of C++ code.

    • CTest

      A testing tool integrated with CMake, primarily used for running tests and ensuring code quality across builds.

    • Catch2

      A modern, C++-native, header-only test framework for unit-tests, TDD and BDD.

    • gcov

      A test coverage program used to analyze and create code coverage reports for C/C++ programs.

  8. Documentation Generators

    • Doxygen

      Doxygen is a open-source API documentation generator for various programming languages, including C++.

  9. Repository Strategy

    • Modular Monolith

      The Modular Monolith organizes a single application into distinct, self-contained modules within one repository.

  10. Conventions & Style Guides

    • Google C++ Style Guide

      The Google C++ Style Guide is adopted as the primary coding style guide for consistency and readability.

    • Microsoft CMake Style Guide

      Guidelines for writing clear, portable, and maintainable CMake scripts, including target-based patterns, recommended project layout, and best practices.

1.4. Python

1.4.1. Backend

  1. Programming & Scripting

    • Python

      Python is a high-level, interpreted programming language known for its readability and versatility.

  2. Dependency Manager

    • pip

      pip is the package installer for Python to install packages from the Python Package Index and other indexes.

  3. Analysis

    • Pylint

      Pylint is a static code analyser for Python 2 or 3.

      Note

      Run commands (rc) file pylintrc for Google Python Style Guide.

    • Black

      The uncompromising Python code formatter.

  4. Test Frameworks

    • pytest

      pytest is widely used for writing simple as well as scalable test cases in Python.

  5. CLI

    Note

    Concider the Order of Precedence for the configuration of variable parameters, from highest to lowest: - Command-Line Flags - Environment Variables (Env Vars) - Dotenv Files (.env) - Config Files (.<cli>.yml) - Default Variables

    • ConfigArgParse

      ConfigArgParse is a drop-in replacement for argparse that adds support for configuration files and environment variables with proper precedence order.

    • Click

      Click is a Python package for creating command-line interfaces with support for configuration precedence.

    • Typer

      Typer is a library for building CLI applications based on Python type hints.

    • argparse

      argparse is Pythons built-in command-line parsing library. Natively does not support configuration files, it can be extended with libraries like configargparse to support order of precedence.

  6. Conventions & Style Guides

1.5. Shell

Note

Prefer high-level interpreted languages e.g. Python over Shell scripts to benefit from readable syntax and mature tooling for testing, linting, formatting, and error reporting.

  1. Programming & Scripting

    • Bash

      Bash (Bourne Again SHell) is a Unix shell and command language for writing scripts to automate tasks and workflows.

  2. Analysis

    • ShellCheck

      ShellCheck is a static analyzer for shell scripts.

    • shfmt

      shfmt formats shell scripts consistently across dialects (Bash, Dash, Ksh).

  3. Test Frameworks

    • Bats

      Bats (Bash Automated Testing System) is a TDD-style framework for testing Bash scripts, providing tests, assertions, and reporting.

  4. CLI

    • Argbash

      Argbash is not a parsing library, but it is rather a code generator that generates a bash library tailor-made for script.

  5. Conventions & Style Guides

    • Google Shell Style Guide

      The guide defines best practices for writing readable, maintainable shell scripts, covering naming, indentation, commenting, and scripting patterns.

1.6. PowerShell

  1. Programming & Scripting

    • PowerShell

      PowerShell is a cross-platform shell and scripting language for task automation and configuration management.

  2. Module Manager

    • PowerShell Modules

      PowerShell Modules are self-contained packages of functions, cmdlets, and resources that organize, distribute, and enable reuse of PowerShell code.

  3. Registry

    • PowerShell Gallery

      PowerShell Gallery is the central repository for publishing, discovering, and installing PowerShell modules and scripts.

  4. Analysis

    • PSScriptAnalyzer

      PSScriptAnalyzer performs static code analysis to enforce best practices and identify script issues.

  5. Test Frameworks

    • Pester

      Pester is a PowerShell testing framework, providing assertions, mocking, and test discovery for unit tests.

  6. Conventions & Style Guides

1.7. Containerization

  1. Container Manager

    • Docker

      Docker is an open-source platform for automating the deployment, scaling, and management of applications using containerization.

  2. Registry

    • Docker Hub

      Docker Hub is a cloud-based registry service for building and shipping application or service containers.

  3. Analysis

    • hadolint

      A Dockerfile linter that helps to build best practice Docker images.

  4. Conventions & Style Guides

    • Hardened Container Images

      Curated base images and guidelines hardened to reduce attack surface and minimize image size.

    • Dockerfile Best Practices

      Docker provides a comprehensive guide on best practices for writing Dockerfiles.

1.8. Orchestration

  1. Orchestration Manager

    • Kubernetes (kubectl, kustomiz)

      Kubernetes is an open-source container orchestration platform that automates the deployment, scaling, and management of containerized applications.

    • Docker Compose

      Docker Compose is a tool for defining and running multi-container Docker applications.

  2. Module Manager

    • Helm Charts

      Helm is a package manager for Kubernetes that simplifies the deployment of applications on a Kubernetes cluster.

  3. Secrets Manager

    • External Secrets Operator

      External Secrets Operator is a Kubernetes operator that integrates with external secret management systems to securely manage and inject secrets into Kubernetes workloads.

    • HashiCorp Vault

      HashiCorp Vault is a tool for securely accessing secrets, such as API keys, passwords, and certificates.

    • Kubernetes Secrets

      Kubernetes Secrets is a built-in feature of Kubernetes to store and manage sensitive information, such as passwords, OAuth tokens, and SSH keys, in a secure manner.

  4. Policy Manager

    • Kyverno

      Kyverno is a policy engine designed for Kubernetes.

    • Open Policy Agent (OPA)

      Open Policy Agent (OPA) is a general-purpose policy engine used to enforce policies across various systems.

    • HashiCorp Sentinel

      HashiCorp Sentinel is a policy as code framework that provides fine-grained, logic-based policy decisions for infrastructure management.

  5. Test Frameworks

    • helm-unittest

      A Helm chart testing framework for unit testing Helm charts.

  6. Repository Strategy

    • Modular Monolith

      The Modular Monolith organizes a single application into distinct, self-contained modules within one repository.

  7. Conventions & Style Guides

    • Recommended Labels

      A common set of labels allows tools to work interoperably and describing objects in a common manner.

    • Documentation Style Guide

      A style guidelines for the writing of Kubernetes documentation.

    • Kubernetes SIG

      Kubernetes SIG (Special Interest Groups) provides Guides and API References for Kubectl and Kustomize.

1.9. Infrastructure Management

  1. Provisioning Manager

    • Terraform

      Terraform is an open-source Infrastructure-as-Code (IaC) tool that enables users to define and provision infrastructure resources using a declarative configuration language.

    • OpenTofu

      OpenTofu is a community-driven fork of Terraform, created to continue the development of Terraform after HashiCorps decision to change the license.

  2. Module Manager

  3. Registry

    • Terraform Registry

      A repository for Terraform modules and providers to share and reuse Terraform configurations.

  4. Analysis

    • terraform fmt

      Terraform built-in formatting of configuration in the standard style.

    • TFLint

      Linting of configuration files.

    • trivy

      Scanning of configuration files for vulnerabilities.

  5. Test Frameworks

    • terraform test

      Terraform built-in TDD-style testing by writing Terraform integration tests, unit tests, or mocks to verify Infrastructure-as-Code (IaC) configurations.

    • Terratest

      TDD-style testing for Infrastructure-as-Code (IaC) configurations.

    • terraform-compliance

      BDD-style testing for Infrastructure-as-Code (IaC) configurations.

  6. Documantion

    • terraform-docs

      A tool for generating documentation for Terraform modules.

  7. Repository Strategy

    • Modular Monolith

      The Modular Monolith organizes a single application into distinct, self-contained modules within one repository.

  8. Conventions & Style Guides

    • HashiCorp Terraform Style Guide

      The HashiCorp Terraform Style Guide is a comprehensive resource that provides best practices and guidelines for writing Terraform configurations.

1.10. Configuration Management

  1. Configuration Manager

    • Ansible

      Ansible is an open-source Configuration-as-Code (CaC) tool to streamline the process of configuration management, application deployment, and task automation.

  2. Module Manager

    • Ansible Collections

      Ansible Collections are curated and pre-packaged Ansible content that includes playbooks, roles, modules, and plugins.

      • OpenStack-Ansible

        Ansible Collection for OpenStack of Ansible playbooks and roles designed to deploy and manage OpenStack cloud infrastructure.

  3. Registry

    • Ansible Galaxy

      A repository for Ansible roles and collections to share and reuse Ansible content, such as roles (predefined automation tasks) and collections (bundles of roles, modules, and plugins).

  4. Analysis

    • ansible-lint

      Ansible-lint is a static analysis tool for Ansible playbooks and roles.

  5. Test Frameworks

    • ansible-test

      Ansible-test is a testing framework for Ansible that allows developers to write and run tests for their Ansible roles and playbooks.

    • Molecule

      Molecule is a testing framework for Ansible roles that provides a way to create and manage test environments.

  6. Repository Strategy

    • Modular Monolith

      The Modular Monolith organizes a single application into distinct, self-contained modules within one repository.

1.11. Documentation Management

  1. Markup Language

  2. Static Site Generator (SSG)

    • MkDocs

      MkDocs is a Static Site Generator (SSG) designed for building project documentation based on Markdown files and converts them into a full-featured website.

  3. Hosting Platform

    • GitLab Pages

      GitLab Pages is used for hosting the static documentation website generated by Static Site Generators (SSG).

    • GitHub Pages

      GitHub Pages is used for hosting the static documentation website generated by Static Site Generators (SSG).

  4. Analysis

    • markdownlint

      A static analysis tool for Markdown files that ensures adherence to formatting rules and conventions.

  5. Conventions & Style Guides

    • Google Markdown Style Guide

      A comprehensive guide to writing clear, concise, and well-formatted documentation using Markdown.

    • GitLab Documentation Style Guide

      GitLabs style guide for writing documentation, providing guidelines on structure, formatting, and best practices for clarity and consistency.

1.13. GitOps

  1. Frameworks

    • Terraform Enterprise

      Terraform Enterprise is a commercial version of Terraform that provides additional features for managing infrastructure at scale.

    • Spinnaker

      Spinnaker is an open-source continuous delivery platform that provides a comprehensive solution for deploying applications across multiple cloud providers.

    • Argo CD

      Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.

    • Flux

      Flux is a GitOps tool for Kubernetes that automates the deployment of applications and infrastructure changes.

1.14. Cloud Computing

1.14.1. Hosting

  1. Provisioning Manager

    • AWS

      The AWS provider is used to interact with the resources supported by Amazon Web Services (AWS).

    • OpenStack

      The OpenStack provider is used to interact with the resources supported by OpenStack.

    • Azure

      The Azure provider is used to interact with the resources supported by Microsoft Azure.

    • Google Cloud Platform (GCP)

      The Google Cloud Platform (GCP) provider is used to interact with the resources supported by Google Cloud Platform.

1.15. Observability

  1. Monitoring/Metrics

    Timestamped, structured records of system performance (e.g., CPU usage, memory consumption).

    • Prometheus

      Prometheus is an open-source monitoring and alerting toolkit designed for reliability and scalability.

    • Prometheus Alertmanager

      Prometheus Alertmanager is an open-source tool that handles alerts generated by Prometheus.

    • Prometheus Node Exporter

      Prometheus Node Exporter is an open-source tool that collects hardware and operating system metrics from Linux-based systems.

    • Prometheus Blackbox Exporter

      Prometheus Blackbox Exporter is an open-source tool that allows users to probe endpoints over various protocols (HTTP, HTTPS, DNS, TCP, ICMP) and collect metrics about their availability and performance.

    • Grafana

      Grafana is an open-source analytics and monitoring platform that provides a powerful and flexible way to visualize and analyze time-series data.

  2. Logging/Logs

    Timestamped, structured, unstructured or semi-structured records of system events (e.g., application logs, system logs, access logs).

    • Grafana Loki

      Grafana Loki is an open-source log aggregation system designed to efficiently collect, store, and query logs from various sources.

    • Grafana Promtail

      Promtail is an open-source agent that collects logs from various sources and sends them to Grafana Loki for storage and analysis.

      Caution

      Promtail is deprecated and will be replaced by Grafana Alloy.

  3. Tracing/Traces

    Records of end-to-end request flows across distributed systems.

    • Grafana Tempo

      Grafana Tempo is an open-source, high-scale distributed tracing backend designed to ingest and store trace data from various sources.

    • Grafana Alloy

      Grafana Alloy is an open-source distribution of the OpenTelemetry Collector, designed to aggregate observability signals such as metrics, logs, and traces from various sources.

  4. Profiles

    Records of resource utilization and performance characteristics (e.g., CPU, memory, I/O) at the code level (e.g., function execution times).

    Note

    Profiles are not yet widely adopted in the industry, but they are gaining traction as a way to gain deeper insights into application performance and resource utilization.

  5. Conventions & Style Guides

    • OpenTelemetry

      OpenTelemetry is an open-source observability framework that provides a set of APIs, libraries, agents, and instrumentation to collect and export telemetry data (metrics, logs, and traces) from applications.

    • OpenMetrics

      OpenMetrics is an open-source standard for transmitting metrics data in a consistent and efficient format.

    • eBPF

      eBPF (Extended Berkeley Packet Filter) is a powerful technology that allows developers to run custom code in the Linux kernel without modifying the kernel itself.

1.16. Database

  1. Relational Database (SQL)

    • PostgreSQL

      A robust, open-source object–relational database system that extends SQL with advanced features. PostgreSQL is widely adopted for Online Transaction Processing (OLTP), offering ACID compliance, complex query support, extensibility, and strong indexing for high-performance workloads.

    • SQLite

      A C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. Ideal for embedded applications, local development, and testing.

    ORM (Object–Relational Mappers)

    - [x] [GORM](https://gorm.io/)
    > Active Record–inspired ORM with support for associations, migrations, and query building for Go.

- [x] [SQLAlchemy](https://www.sqlalchemy.org/)
    > The Python SQL Toolkit and Object Relational Mapper that gives application developers the full power and flexibility of SQL.

- [ ] [Ent](https://entgo.io/)
    > An entity framework for Go, a powerful ORM for modeling and querying data.

  2. Non-Relational Database (NoSQL)

    • MongoDB

      A distributed, document-oriented database that stores data in flexible JSON-like structures. MongoDB is suited for semi-structured or unstructured datasets, emphasizing horizontal scalability, automatic sharding, and high availability for modern NoSQL workloads.

    ODM (Object–Document Mappers)

    - [ ] [Beanie](https://github.com/roman-right/beanie)
    > An asynchronous Python object-document mapper (ODM) for MongoDB, built on top of Motor and Pydantic.

  3. In-Memory Database (Caching / Message Broker)

    • Redis

      An open-source, in-memory data structure store used as a cache, database, and message broker. Redis supports advanced data types, persistence, clustering, and pub/sub messaging, making it ideal for low-latency caching and real-time event-driven architectures.

    • Memcached

      A high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.

2. References