Work Member of Technical Staff at Ona. Building the agent harness and the infrastructure it runs on. Some of the stuff I have worked on: Prebuilds Snapshot system that runs…
Work
Member of Technical Staff at Ona. Building the agent harness and the infrastructure it runs on.
Some of the stuff I have worked on:
Prebuilds
Snapshot system that runs git clone, dependency installation and build steps ahead of time, so new development environments start from a ready state instead of from scratch. Cut environment startup from minutes to seconds for large repositories.
Enterprise Runner
Self hosted runner that deploys Ona's runner infrastructure inside customer AWS VPCs. Source code, credentials, and build artifacts stay inside the customer network.
Automations
Built automation system for triggering actions based on workspace lifecycle events (e.g., running tasks on workspace start, executing scripts on prebuild completion).
Single Sign-On
Implemented SSO integration enabling enterprise customers to use their identity providers for authentication.
Source Control Providers
Integrated GitLab, Bitbucket, and Azure DevOps as source control providers, enabling users to connect repositories from multiple platforms.
Billing System
Built billing infrastructure for usage-based pricing and subscription management.
---
Open Source
Construct
github.com/furisto/constructAPI-first, multi-agent coding assistant with client-server architecture. Built for engineers who want programmatic control over their AI workflows.
Key features:
- Code-based tool calling via JavaScript (hundreds of tool calls in a single turn)
- Full API access via gRPC
- Multiple specialized agents (plan, edit, quick) with custom agent support
- Full terminal experience with interactive TUI
- Multi-provider support (Anthropic, more coming)
Youki
7.4k★ • github.com/youki-dev/youki • CNCF Sandbox project
OCI-compliant container runtime written in Rust. Alternative to runc (Docker) and crun (Red Hat). Docker delegates container creation to runtimes like youki, which handle namespaces, cgroups, and filesystem isolation.
Early core contributor. Key work included:
- WebAssembly workload support
- cgroups v2 implementation
- Command-line interface
- Library API (embeddable runtime)
- Rootless containers
- Systemd resource control integration
View all contributions →
oci-spec-rs
12M+ downloads • github.com/youki-dev/oci-spec-rsRust implementation of OCI specifications. Wrote the initial image spec implementation and contributed heavily to the runtime spec. Used by containerd, Kubewarden, and others.
Gitpod
13.5k★ • github.com/gitpod-io/gitpodKubernetes Controller (ws-manager-mk2)
Built Kubernetes controller managing workspace lifecycle for Gitpod's SaaS platform. Replaced gRPC-based state management with CRD-based architecture. Decoupled workspace lifecycle from pod lifecycle, enabling restarts without service interruption. Improved reliability from 99.9% to 99.99%.
Workspace Classes
Implemented resource tiering system enabling customers to select differently sized workspaces based on computational needs.
DDoS Protection
Initiated and implemented rate limiting using nftables to prevent abuse. Used token bucket algorithm to limit connection attempts while allowing existing connections to continue. Reduced on-call alerts by 34%.
Pressure Stall Information (PSI)
Implemented scraping of Linux PSI metrics to diagnose performance issues in customer workspaces. Enables troubleshooting resource contention (CPU, memory, I/O pressure).
-
construct
API-first multi-agent coding assistant with CodeAct tool calling and first-class terminal support.
Go ★ 63 26d agoExplain → -
dotfiles
No description.
Shell ★ 3 1y agoExplain → -
youki ⑂
Experimental implementation of the oci-runtime in Rust
Rust ★ 1 3y agoExplain → -
azure-webjobs-sdk ⑂
Azure WebJobs SDK
C# ★ 0 7y agoExplain → -
furisto
No description.
★ 0 12d agoExplain → -
skills
No description.
★ 0 4mo agoExplain → -
homebrew-tap
No description.
Ruby ★ 0 5mo agoExplain → -
docs
No description.
MDX ★ 0 8mo agoExplain → -
system-prompts
No description.
★ 0 1y agoExplain → -
limbo ⑂
Limbo is a project to build the modern evolution of SQLite.
★ 0 1y agoExplain → -
oci-spec-rs ⑂
OCI Runtime and Image Spec in Rust
★ 0 4y agoExplain → -
oauth2 ⑂
Go OAuth2
★ 0 1y agoExplain → -
cuda-samples ⑂
Samples for CUDA Developers which demonstrates features in CUDA Toolkit
C ★ 0 1y agoExplain → -
template-golang-cli ⑂
A CLI template, written in Go, configured for Gitpod (www.gitpod.io) to give you pre-built, ephemeral development environments in the cloud.
★ 0 3y agoExplain → -
gitpod-minimal-custom-dockerfile
The most lightweight custom Dockerfile for Gitpod
★ 0 4y agoExplain → -
adventofcode ⑂
Advent of Code solutions written in Kotlin
★ 0 3y agoExplain → -
tengu
No description.
Rust ★ 0 3y agoExplain → -
gp-template-python-django ⑂
A Django template, configured for Gitpod (www.gitpod.io) to give you pre-built, ephemeral development environments in the cloud.
★ 0 3y agoExplain → -
kubebuilder-tutorial
No description.
Go ★ 0 3y agoExplain → -
procfs ⑂
Rust library for reading the Linux procfs filesystem
Rust ★ 0 3y agoExplain → -
runc ⑂
CLI tool for spawning and running containers according to the OCI specification
Go ★ 0 3y agoExplain → -
groupfinder
No description.
Python ★ 0 4y agoExplain → -
libnftnl
Clone of git.netfilter.org/libnftnl/
★ 0 4y agoExplain → -
tetragon ⑂
eBPF-based Security Observability and Runtime Enforcement
★ 0 4y agoExplain → -
d-state
No description.
★ 0 4y agoExplain → -
gitpod ⑂
Gitpod automates the provisioning of ready-to-code development environments.
★ 0 3y agoExplain → -
prebuild-experiment ⑂
No description.
★ 0 3y agoExplain → -
linux ⑂
Linux kernel source tree
★ 0 4y agoExplain → -
libseccomp-golang ⑂
The libseccomp golang bindings repository
Go ★ 0 4y agoExplain → -
libseccomp-golang-playground ⑂
No description.
★ 0 4y agoExplain → -
libseccomp ⑂
The main libseccomp repository
★ 0 4y agoExplain → -
gitpod-repro
No description.
Go ★ 0 2mo agoExplain → -
sagetrac-mirror ⑂
mirror of the main SageMath git repo
★ 0 4y agoExplain → -
test
No description.
Rust ★ 0 4y agoExplain → -
brecht
No description.
Go ★ 0 4y agoExplain → -
pinns.rs ⑂
A simple utility to pin Linux namespaces
★ 0 4y agoExplain → -
containrs ⑂
General purpose container library
★ 0 4y agoExplain → -
gitpod-hello-ui-demo ⑂
Hello world UI example for Gitpod
★ 0 4y agoExplain → -
criu
No description.
Rust ★ 0 4y agoExplain → -
runtime-spec ⑂
OCI Runtime Specification
★ 0 5y agoExplain → -
runtime-tools ⑂
OCI Runtime Tools
Go ★ 0 5y agoExplain → -
gg
git implemented in go
Go ★ 0 5y agoExplain → -
AsyncAwaitDeepDive
Examples for the "Async Await Deep Dive" presentation
C# ★ 0 7y agoExplain → -
cli ⑂
The Docker CLI
★ 0 5y agoExplain → -
CKAD-exercises ⑂
A set of exercises to prepare for Certified Kubernetes Application Developer exam by Cloud Native Computing Foundation
★ 0 5y agoExplain → -
kansible ⑂
Kansible lets you orchestrate operating system processes on Windows or any Unix in the same way as you orchestrate your Docker containers with Kubernetes by using Ansible to provision the software onto hosts and Kubernetes to orchestate the processes
★ 0 10y agoExplain → -
mp-cloud-workshop
No description.
HTML ★ 0 7y agoExplain →
No repos match these filters.