Static code analysis for Infrastructure-as-code.
clair is a tool for doing static vulnerability analysis in OCI and Docker containers.
JetBrains announced the early access program for Qodana, their new static analysis tool suited for running in CI/CD environments.