ada/agentguard-ci
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8c2c420bffcb34d9f08751db2b788798f879c797
agentguard-ci/docs/plans/phase2-step3-kics.md
T
Elizabeth W 963e020efa plan files
2026-04-19 22:12:00 -06:00

748 B
Raw Blame History

Implementation Plan: KICS IaC Scanner

Objective

Implement the KICS (Keeping Infrastructure as Code Secure) scanning step as a parallel task in the DAG.

Requirements

  • Define a task template named scan-kics.
  • Depend on the clone-repo task.
  • Mount the shared PVC at /workspace.
  • Run KICS against the /workspace directory (or the specific working-dir parameter).
  • Output findings in SARIF and/or JSON format.
  • Save the output to /workspace/reports/kics.sarif.
  • Ensure the task exits successfully even if issues are found, to allow Phase 3 aggregation (e.g., wrap with || true).

Agent Instructions

  1. Add the scan-kics template to the ClusterWorkflowTemplate.
  2. Wire it into the DAG alongside the other scanners.
Reference in New Issue View Git Blame Copy Permalink