diff --git a/docs/final-plan-notes.md b/docs/final-plan-notes.md new file mode 100644 index 0000000..676e61f --- /dev/null +++ b/docs/final-plan-notes.md @@ -0,0 +1,47 @@ +# for the pipeline +## languages +#### The tools we are using to write this in and deploy it +helm +pulumi +argo workflows? + +## pipeline +#### The actual steps in the pipeline +pulumi +pulumi crossguard +socket.dev +argo workflows +semgrep +trufflehog +syft // do we need this as socket.dev or semgrep can do sbom? +grype +renovate bot +kics (keeping infrastructure as code secure) + +## k8's +#### Things I assume I need installed in my k8's cluster +infisical +argo workflows +defectdojo + +## repository +#### Things to set on the repository +branch protection + +## local +#### Things to add to my chezmoi install so that they are always available but should be mentioned as things the user should have +eslint-plugin-security +gitleaks +socket cli + +## Might be needed +#### Things that we might need. I am unsure if we have other tools that sufficiently cover the security concerns +trivy + +# For homelab +## optional things +#### These are things that will exist in my homelab eventually, however they are not needed for this pipeline I think +harbor containe registry +suse security (neuvector) +nexus package caching +
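Review bot: The `## pipeline` list leaves tool ownership undecided. The `syft` line carries an open question in a `//` comment about whether socket.dev or semgrep already covers SBOM, and the "Might be needed" section says the same about `trivy`. Secret scanning is also split between `trufflehog` in the pipeline and `gitleaks` under `## local`. I would suggest adding one line per concern (SBOM, dependency vulnerabilities, secrets, IaC) naming the tool that owns it and whether its step blocks the pipeline, then moving the unresolved questions to their own section. The `branch protection` entry under `## repository` should list the rules to be set, since the name alone does not say what is enforced. Smaller points: "harbor containe registry" should read "container", "k8's" should be "k8s", the headings jump from `##` to `####`, and `argo workflows` appears under languages (with a question mark), pipeline and k8's without saying which role each entry refers to.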