IdeaWell

Project ideas from Hacker News discussions.

The RISE RISC-V Runners: free, native RISC-V CI on GitHub

Original Article

Hacker News Discussion

📝 Discussion Summary (Click to expand)

1. Trust & Security Concerns

"I’m a fan of this, although I’m concerned about the security/trust model: using a third‑party CI orchestrator on top of GHA means trusting them with all of your secrets, potentially sensitive logs, etc." — woodruffw

2. Hardware Performance Improving

"My experience with RISC‑V so far is that the chips are not much faster than QEMU emulation." — stabbles
"The SpacemiT K3 is faster than QEMU. Much faster chips are expected to release over the next few months." — LeFantome

3. Support for Open‑Source CI Goals

"RISE is supported by many legit companies. Stealing is for sure not the intent." — LeFantome

🚀 Project Ideas

Zero‑TrustCI Proxy

Summary

  • Run GitHub Actions on isolated hardware without exposing secrets.
  • Privacy‑first CI for public repositories.

Details

Key Value
Target Audience Open‑source maintainers of public repositories
Core Feature Isolated container‑based execution that encrypts logs and never stores secrets
Tech Stack Docker, Kubernetes, HashiCorp Vault, OpenTelemetry
Difficulty Medium
Monetization Revenue-ready: Subscription per CI minute

Notes

  • “People better not be snooping on my public open source projects!” – ctz
  • Directly addresses trust concerns raised by mhitza and LeFantome
  • Low friction integration with existing GitHub workflows

RISC‑V Hardware Marketplace

Summary

  • Provide on‑demand access to emerging RISC‑V boards for CI testing.
  • Enable maintainers to verify builds on real silicon without upfront hardware costs.

Details

Key Value
Target Audience RISC‑V project maintainers and open‑source CI users
Core Feature Subscription‑based rental of vetted RISC‑V development boards with pre‑configured CI images
Tech Stack Bare‑metal provisioning via iPXE, Kubernetes for scheduling, Prometheus monitoring
Difficulty High
Monetization Revenue-ready: Tiered pricing based on GPU‑equivalent compute hours

Notes

  • “SpacemiT K3 is faster than QEMU. Much faster chips are expected…” – LeFantome
  • Addresses the hardware scarcity lamented by camel‑cdr and boredatoms- Creates a market for cheap, shared RISC‑V CI resources

Open‑Source CI Provenance Tracker

Summary

  • Automatically attach cryptographically signed provenance records to every CI run.
  • Allow reviewers to verify that builds executed on claimed hardware and under declared configurations.

Details

Key Value
Target Audience Open‑source project maintainers and security reviewers
Core Feature Immutable provenance logs signed with Sigstore, searchable via a public dashboard
Tech Stack GitHub Actions, Sigstore, InterPlanetary File System (IPFS) for storage
Difficulty Medium
Monetization Hobby

Notes

  • Echoes IshKebab’s hope that “GitHub won’t ruin this with their CI charging changes” by providing an independent verification layer
  • Mitigates concerns about third‑party trust discussed by stabbles and woodruffw
  • Offers practical utility for audits and compliance without monetary cost

Read Later