cds
CDS is an open-source, enterprise-grade CI/CD and DevOps automation platform written in Go. It enables teams to build complex deployment workflows with visual configuration, git integration, and support for multiple environments. The platform is used in production at OVH and emphasizes horizontal scalability, high availability, and self-service pipeline management.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | ovh/cds |
| Owner | ovh |
| Primary language | Go |
| License | BSD-3-Clause — OSI-approved |
| Stars | 4.8k |
| Forks | 453 |
| Open issues | 157 |
| Latest release | v0.54.1 (2024-04-02) |
| Last updated | 2026-07-07 |
| Source | https://github.com/ovh/cds |
What cds is
CDS provides workflow-as-code capabilities (YAML-based), REST API, multi-stage pipeline orchestration with concurrent job execution, native VCS integration (GitHub, GitLab, Bitbucket, Gerrit), event-driven triggers, ephemeral service prerequisites, remote caching, and an enterprise event bus (Kafka/RabbitMQ compatible). Architecture supports distributed worker pools for scalability.
Get the cds source
Clone the repository and explore it locally.
git clone https://github.com/ovh/cds.gitcd cds# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Database is the single source of truth; establish robust backup and disaster recovery procedures before production deployment.
- Distributed worker architecture requires careful resource planning; docker-compose tutorial available for initial evaluation but production setup involves infrastructure decisions.
- YAML-based workflow-as-code integrates with git repositories; teams need clear version control strategy for pipeline definitions.
- Multi-environment support with segregated access control requires upfront RBAC and secrets management planning.
- Service prerequisites (docker-based) depend on container runtime availability; network isolation between job services is handled by platform but requires docker knowledge.
When to avoid it — and what to weigh
- Seeking a fully managed, zero-ops CI/CD service — CDS requires self-hosted deployment and operational management. No official SaaS offering is evident; requires database backup strategy and infrastructure provisioning.
- Need rapid, vendor-backed commercial support — Community-driven project with core team on GitHub discussions only. No commercial support tier or SLA guarantees documented. Suitable for teams comfortable with open-source support models.
- Minimal deployment footprint required — Enterprise-grade platform with multiple components (server, workers, database). Lighter alternatives (Jenkins, CircleCI) may fit smaller teams better.
- Require battle-tested, widely adopted platform — While production-ready at OVH since 2015, adoption footprint remains modest (4,831 stars). Consider risk tolerance for less-mainstream tooling.
License & commercial use
Licensed under BSD-3-Clause (Revised BSD), an OSI-approved permissive license permitting commercial use, modification, and distribution with attribution and liability disclaimers. No copyleft restrictions.
BSD-3-Clause clearly permits commercial use. However, no commercial support, hosting, or indemnification are evident from the data. Organizations deploying commercially should review license terms independently and assess support model (community-only).
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | High |
| DEV.co fit | Good |
| Assessment confidence | High |
Data model: all state stored in database; filesystem-independent reduces some attack surface. No security audit, vulnerability disclosure process, or penetration test results evident in provided data. Considerations for production: implement database encryption at rest/transit, manage secrets (environment variables, OAuth tokens) via access control, audit VCS webhook authenticity, segregate worker network access. Requires independent security review before sensitive deployments.
Alternatives to consider
Jenkins / Jenkins X
Mature, widely deployed, extensive plugin ecosystem. Heavier operational footprint; workflow-as-code via Jenkinsfile (Groovy). Consider if existing Jenkins investment exists.
GitLab CI/CD
Cloud-native, deeply integrated with GitLab VCS, lower operational overhead. Tighter vendor lock-in; YAML pipeline model similar to CDS workflows.
ArgoCD / Flux (Kubernetes-native)
GitOps-first, declarative, excellent for Kubernetes deployments. Narrower scope (deployment orchestration vs. full CI/CD); requires Kubernetes cluster.
Build on cds with DEV.co software developers
Spin up a docker-compose instance from the official tutorials to explore workflow design and git integration, then assess infrastructure and support model fit for your production requirements.
Talk to DEV.coRelated on DEV.co
Explore the category and the services that help you build with it.
cds FAQ
Is CDS suitable for production use?
What is a CDS Workflow and how does it differ from pipelines?
How does CDS handle state and disaster recovery?
What support options are available?
Work with a software development agency
From first prototype to production, DEV.co delivers software development services around tools like cds. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across open-source devops and beyond.
Ready to evaluate CDS for your organization?
Spin up a docker-compose instance from the official tutorials to explore workflow design and git integration, then assess infrastructure and support model fit for your production requirements.