Pre-built initiatives
Initiative Library
The maintenance work nobody has time for, pre-written. Pick one; Tidra runs it across every repo that needs it.
Replace static cloud secrets
with short-lived OIDC role
assumptions in every workflow.Showing 37 initiatives
Add Monitoring Configuration
Add or standardize monitoring and observability configuration across all services: Datadog agent configs, OpenTelemetry instrumentation, health check endpoints, or Prometheus annotations.
Add Security Policy Files
Add standardized SECURITY.md files to all repositories with your organization's vulnerability reporting instructions, security contacts, and disclosure policy.
Alerting Standards Push
Standardize alert rules across every service so every team gets consistent severity labels, runbook links, and routing. No more drifted thresholds or untriaged pages.
Angular Major Version Upgrade
Walk Angular apps through a major version upgrade: ng update orchestration, standalone components adoption, and deprecated API replacements across every frontend.
Auto-Merge Dependency PRs
Wire up an auto-merge workflow so Dependabot and Renovate PRs for patch and minor bumps merge automatically when CI passes, freeing maintainers from the rubber-stamp queue.
DataDog Regional Domain Migration
Update every DataDog agent and SDK config to point at a regional DataDog domain (e.g., for data residency or compliance) instead of the default global endpoint.
Docker Base Image Registry Migration to AWS ECR
Move every Dockerfile `FROM` reference from a legacy registry (e.g., JFrog Artifactory) to AWS ECR so image pulls stop crossing networks and tracking moves to a single registry.
Enforce Docker Non-Root User
Update all Dockerfiles to run containers as a non-root user, a fundamental container security best practice required by most compliance frameworks.
Generate FedRAMP Compliance Documentation
Generate standardized FedRAMP security control documentation for every service in your organization. Creates SECURITY.md files documenting data handling, encryption, access controls, and audit logging based on actual code analysis.
GitHub Actions SBOM Generation & Upload
Add SBOM generation and upload to every build pipeline so every release artifact has a signed bill of materials attached.
GitHub Terraform Provider: App Authentication Migration
Migrate the `integrations/github` Terraform provider from personal access tokens to GitHub App authentication so Terraform runs no longer depend on an individual’s PAT.
Harness CI Build Pipeline: OIDC Connector
Migrate Harness CI build pipelines from long-lived cloud credentials to OIDC-based connectors so pipelines authenticate to AWS, GCP, and Azure without stored secrets.
Kafka to Redpanda IaC Migration
Migrate Terraform modules and Helm charts from Apache Kafka resources (Strimzi, MSK) to Redpanda equivalents so the platform team can decommission the old cluster.
LaunchDarkly Code References: Backend
Wire up the LaunchDarkly `find-code-references` GitHub Action in every backend repo so flag usage is automatically tracked back to LaunchDarkly.
Migrate .NET Framework to .NET 8
Migrate services from .NET Framework (4.x) to modern .NET 8: project file conversion, API replacements, and configuration model rewrites across every service.
Migrate Bitbucket Pipelines to GitHub Actions
Convert Bitbucket Pipelines configurations to GitHub Actions workflows across all repositories. Maps pipeline steps, caches, artifacts, and deployment environments to their GitHub Actions equivalents.
Migrate CircleCI to GitHub Actions
Convert CircleCI pipeline configurations to GitHub Actions workflows across all your repositories. Maps jobs, steps, environment variables, caching, and artifact handling to their GitHub Actions equivalents.
Migrate Jenkins to GitHub Actions
Convert Jenkinsfile pipelines to GitHub Actions workflows across your repositories. Handles declarative and scripted pipeline syntax, shared libraries, and plugin-specific steps.
Migrate kafka-user Module to redpanda-user
Swap usages of the internal `kafka-user` Terraform module for the new `redpanda-user` module across every service repo. Same intent, new module, slightly different inputs.
Node.js HTTP Server Timeout Configuration
Set explicit `headersTimeout`, `requestTimeout`, and `keepAliveTimeout` values on every Node.js HTTP server so slowloris attacks and load-balancer races stop causing 502s.
NuGet Package Source Mapping Enforcement
Add explicit `<packageSourceMapping>` entries to every `nuget.config` so dependency confusion attacks become impossible. Every package can only resolve from the source you trust.
Python 2 to 3 Migration
Migrate remaining Python 2 services to Python 3, print statements, unicode handling, division semantics, and library replacements across every service.
RabbitMQ Migration Cleanup for .NET Services
Remove leftover RabbitMQ client code, configuration, and NuGet packages from .NET services that have already migrated their messaging to a new broker.
Rails 6 to 7 Migration
Migrate Ruby on Rails services from 6.x to 7.x, zeitwerk autoloading, Hotwire defaults, deprecation cleanup, and gem compatibility fixes across every service.
React 17 to 19 Migration
Migrate React apps from 17 to 19, concurrent rendering opt-in, removed APIs (string refs, legacy context), and new JSX transform across every frontend.
Remove Prometheus Job→App Relabeling
Strip the legacy `job→app` metric relabeling block from every Prometheus scrape config and ServiceMonitor so dashboards and alerts can rely on the standard `job` label.
Spring Boot 2 to 3 Migration
Migrate Java services from Spring Boot 2.x to 3.x, Jakarta EE namespace rewrites, deprecated API replacements, and configuration property renames across every service.
Standardize CODEOWNERS
Add or update CODEOWNERS files across all repositories to enforce consistent review policies, ensuring every repo has clear ownership and required reviewers for critical paths.
Standardize Dockerfile Base Images
Update all Dockerfiles to use approved base images from your organization's container registry, enforcing consistent and secure base layers across all services.
Standardize GitHub Actions Workflows
Enforce consistent structure and patterns across all GitHub Actions workflows: action versions, checkout steps, caching, timeout settings, and naming conventions.
Standardize README Structure
Ensure all repositories have a consistent README structure with required sections: description, setup instructions, deployment, team ownership, and links to related documentation.
Switch to T-Shirt Sized GitHub Actions Runners
Migrate workflows from ad-hoc runner labels to a small set of T-shirt sized runners (`runner-s`, `runner-m`, `runner-l`) so capacity planning and cost attribution become predictable.
Update GitHub Actions Runners
Update GitHub Actions runner specifications across all workflow files. Migrate from deprecated runner images, switch between GitHub-hosted and self-hosted runners, or update runner labels.
Update IaC Resource Makefile
Refresh the per-resource `Makefile` in every IaC repo so `make plan`, `make apply`, and `make fmt` targets stay aligned with the latest Terraform tooling and CI conventions.
Upgrade go-common Library for Kafka Improvements
Bump your shared `go-common` library to the latest version across every Go service to pick up Kafka consumer rebalancing fixes and metric improvements.
Upgrade Node.js Runtime (16 to 20)
Move Node.js services from an EOL runtime (16) to the current LTS (20). Updates CI runtimes, Dockerfiles, engines fields, and patches breaking-change call sites.
Vue 2 to 3 Migration
Migrate Vue apps from 2.x to 3.x, Composition API adoption, global API changes, v-model breaking changes, and Vuex → Pinia where appropriate.
Not in the library yet.
Tidra can run any initiative you write. Build your own, or have us scope it with you.
Don't see your use case?
Tell us what you need and we'll build it, or help you build it yourself.