final plan notes
@@ -0,0 +1,47 @@
# for the pipeline
## languages
#### The tools we are using to write this in and deploy it
helm
pulumi
argo workflows?

## pipeline
#### The actual steps in the pipeline
pulumi
pulumi crossguard
socket.dev
argo workflows
semgrep
trufflehog
syft // do we need this as socket.dev or semgrep can do sbom?
grype
renovate bot
kics (keeping infrastructure as code secure)

## k8's
#### Things I assume I need installed in my k8's cluster
infisical
argo workflows
defectdojo

## repository
#### Things to set on the repository
branch protection

## local
#### Things to add to my chezmoi install so that they are always available but should be mentioned as things the user should have
eslint-plugin-security
gitleaks
socket cli

## Might be needed
#### Things that we might need. I am unsure if we have other tools that sufficiently cover the security concerns
trivy

# For homelab
## optional things
#### These are things that will exist in my homelab eventually, however they are not needed for this pipeline I think
harbor containe registry
suse security (neuvector)
nexus package caching
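Review bot: Several entries are still undecided in notes the commit message calls final: the `syft` line under "## pipeline" carries an inline question ("do we need this as socket.dev or semgrep can do sbom?"), "argo workflows?" under "## languages" has a question mark while the same tool is listed without one under "## pipeline" and "## k8's", and `trivy` sits under "## Might be needed" with no criterion for deciding. Suggest recording for each pipeline tool the single job it owns (SBOM generation, vulnerability matching, secret scanning, IaC checks, dependency updates) so the overlaps can be settled and the question marks dropped. Also, `defectdojo` appears only under "## k8's"; if findings are meant to land there, the pipeline section should list the step that sends them. The items under each "####" heading are bare consecutive lines, so they will run together as one paragraph when rendered as markdown; prefixing them with "- " would keep them as a list.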