final plan notes
This commit is contained in:
Elizabeth W
@@ -0,0 +1,47 @@
|
||||
# for the pipeline
|
||||
## languages
|
||||
#### The tools we are using to write this in and deploy it
|
||||
helm
|
||||
pulumi
|
||||
argo workflows?
|
||||
|
||||
## pipeline
|
||||
#### The actual steps in the pipeline
|
||||
pulumi
|
||||
pulumi crossguard
|
||||
socket.dev
|
||||
argo workflows
|
||||
semgrep
|
||||
trufflehog
|
||||
syft // do we need this as socket.dev or semgrep can do sbom?
|
||||
grype
|
||||
renovate bot
|
||||
kics (keeping infrastructure as code secure)
|
||||
|
||||
## k8's
|
||||
#### Things I assume I need installed in my k8's cluster
|
||||
infisical
|
||||
argo workflows
|
||||
defectdojo
|
||||
|
||||
## repository
|
||||
#### Things to set on the repository
|
||||
branch protection
|
||||
|
||||
## local
|
||||
#### Things to add to my chezmoi install so that they are always available but should be mentioned as things the user should have
|
||||
eslint-plugin-security
|
||||
gitleaks
|
||||
socket cli
|
||||
|
||||
## Might be needed
|
||||
#### Things that we might need. I am unsure if we have other tools that sufficiently cover the security concerns
|
||||
trivy
|
||||
|
||||
# For homelab
|
||||
## optional things
|
||||
#### These are things that will exist in my homelab eventually, however they are not needed for this pipeline I think
|
||||
harbor containe registry
|
||||
suse security (neuvector)
|
||||
nexus package caching
|
||||
|
||||
Reference in New Issue
Block a user