ada/agentguard-ci
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8c2c420bffcb34d9f08751db2b788798f879c797
agentguard-ci/docs/plans/phase2-step4-socketdev.md
T
Elizabeth W 963e020efa plan files
2026-04-19 22:12:00 -06:00

942 B
Raw Blame History

Implementation Plan: Socket.dev Scanner

Objective

Implement the Socket.dev supply chain security scanning step as a parallel task in the DAG.

Requirements

  • Define a task template named scan-socketdev.
  • Depend on the clone-repo task.
  • Mount the shared PVC at /workspace.
  • Expect the Socket.dev API key to be injected via Infisical as an environment variable (use the initContainer wait logic from Phase 1 Step 3).
  • Run the Socket CLI against the dependency manifests in /workspace.
  • Output findings in a standard format (JSON/SARIF).
  • Save the output to /workspace/reports/socketdev.json.
  • Ensure the task exits successfully (e.g. || true) to allow Phase 3 aggregation.

Agent Instructions

  1. Add the scan-socketdev template to the ClusterWorkflowTemplate.
  2. Configure the Infisical initContainer logic for this specific step to wait for the API key.
  3. Wire it into the DAG alongside the other scanners.
Reference in New Issue View Git Blame Copy Permalink