# for the pipeline

## languages

#### The tools we are using to write this in and deploy it

- helm
- pulumi
- argo workflows?

## pipeline

#### The actual steps in the pipeline

- pulumi
- pulumi crossguard
- socket.dev
- argo workflows
- semgrep
- trufflehog
- syft // do we need this as socket.dev or semgrep can do sbom?
- grype
- renovate bot
- kics (keeping infrastructure as code secure)

## k8s

#### Things I assume I need installed in my k8s cluster

- infisical
- argo workflows
- defectdojo

## repository

#### Things to set on the repository

- branch protection

## local

#### Things to add to my chezmoi install so that they are always available but should be mentioned as things the user should have

- eslint-plugin-security
- gitleaks
- socket cli

## Might be needed

#### Things that we might need. I am unsure if we have other tools that sufficiently cover the security concerns

- trivy

# For homelab

## optional things

#### These are things that will exist in my homelab eventually, however they are not needed for this pipeline I think

- harbor container registry
- suse security (neuvector)
- nexus package caching