agentguard-ci/README.md
2026-04-20 21:09:45 -06:00

# agentguard-ci
A DevSecOps Argo Workflows pipeline designed to protect against AI coding agent hallucinations, supply chain attacks, and security misconfigurations in a homelab or solo-developer environment.
## Problem
AI coding agents are highly productive junior developers, but they lack intrinsic context. They can hallucinate credentials, introduce insecure logic, or pull in risky dependencies.

This project adds a reusable security gate in front of deployment by cloning a repository into an Argo workflow, running multiple scanners in parallel, uploading supported results to DefectDojo and object storage, and enforcing a CVSS-based policy threshold.
## What the pipeline does
- Runs TruffleHog for secret scanning.
- Runs Semgrep for first-party code scanning.
- Runs KICS for infrastructure misconfiguration scanning.
- Runs Socket.dev for dependency risk scanning.
- Runs Syft and Grype for SBOM generation and vulnerability scanning.
- Runs Pulumi CrossGuard for policy-pack validation.
- Uploads supported reports to DefectDojo when enabled.
- Uploads raw reports to S3-compatible storage when enabled.
- Fails the workflow when findings meet or exceed the configured CVSS threshold.
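The last bullet is the actual gate. As an added illustration (not the project's own `tools/` code), the block below evaluates a vulnerability report against a configurable CVSS threshold the way such a step has to: it fails when any finding meets or exceeds the threshold, it takes the highest base score when a vulnerability carries several CVSS vectors, it refuses to treat a malformed report as "no findings", and it lets you choose whether findings with no CVSS data at all fail closed. The report is a constructed sample whose layout follows Grype's JSON output as assumed here (`matches[].vulnerability.cvss[].metrics.baseScore`, `matches[].artifact`); the IDs and package names are placeholders, not real advisories.

```typescript
// Added example for this README; it is not the project's tools/ code.
// Report shape: constructed sample following Grype's JSON layout as assumed here
// (matches[].vulnerability.{id,severity,cvss[].metrics.baseScore}, matches[].artifact.{name,version}).

interface CvssEntry { version?: string; metrics?: { baseScore?: number } }
interface GrypeMatch {
  vulnerability: { id: string; severity?: string; cvss?: CvssEntry[] };
  artifact: { name: string; version: string };
}
interface GrypeReport { matches: GrypeMatch[] }

interface PolicyConfig {
  cvssThreshold: number;   // workflow fails when any finding's highest base score >= this
  failOnUnscored: boolean; // true = fail closed when a finding carries no CVSS vector at all
}

interface Finding { id: string; pkg: string; severity: string; score: number | null }
interface PolicyResult { pass: boolean; evaluated: number; violations: Finding[]; unscored: Finding[] }

// Parse defensively: a scanner crash or truncated upload must not pass as "clean".
function parseGrypeReport(json: string): GrypeReport {
  const data = JSON.parse(json) as Partial<GrypeReport>;
  if (!Array.isArray(data.matches)) {
    throw new Error("report has no matches[] array; refusing to treat it as clean");
  }
  return data as GrypeReport;
}

// A vulnerability may list several CVSS vectors (v2, v3.x); the gate uses the worst one.
function maxBaseScore(entries: CvssEntry[] | undefined): number | null {
  let max: number | null = null;
  for (const e of entries ?? []) {
    const s = e.metrics?.baseScore;
    if (typeof s === "number" && Number.isFinite(s) && (max === null || s > max)) max = s;
  }
  return max;
}

function evaluatePolicy(report: GrypeReport, cfg: PolicyConfig): PolicyResult {
  if (!(cfg.cvssThreshold >= 0 && cfg.cvssThreshold <= 10)) {
    throw new Error(`cvssThreshold must be within 0..10, got ${cfg.cvssThreshold}`);
  }
  const violations: Finding[] = [];
  const unscored: Finding[] = [];
  for (const m of report.matches) {
    const f: Finding = {
      id: m.vulnerability.id,
      pkg: `${m.artifact.name}@${m.artifact.version}`,
      severity: m.vulnerability.severity ?? "Unknown",
      score: maxBaseScore(m.vulnerability.cvss),
    };
    if (f.score === null) unscored.push(f);
    else if (f.score >= cfg.cvssThreshold) violations.push(f); // "meet or exceed"
  }
  const pass = violations.length === 0 && !(cfg.failOnUnscored && unscored.length > 0);
  return { pass, evaluated: report.matches.length, violations, unscored };
}

function formatSummary(r: PolicyResult, cfg: PolicyConfig): string {
  const lines = [`evaluated ${r.evaluated} finding(s), threshold ${cfg.cvssThreshold}: ${r.pass ? "PASS" : "FAIL"}`];
  for (const v of r.violations) lines.push(`  VIOLATION ${v.id} ${v.pkg} cvss=${v.score} (${v.severity})`);
  for (const u of r.unscored) lines.push(`  UNSCORED  ${u.id} ${u.pkg} (${u.severity})`);
  return lines.join("\n");
}

// Constructed sample report (IDs and package names are placeholders, not real advisories).
const SAMPLE_REPORT_JSON = JSON.stringify({
  matches: [
    { vulnerability: { id: "CVE-EXAMPLE-0001", severity: "Critical",
        cvss: [{ version: "2.0", metrics: { baseScore: 7.5 } }, { version: "3.1", metrics: { baseScore: 9.8 } }] },
      artifact: { name: "example-parser", version: "1.4.0" } },
    { vulnerability: { id: "CVE-EXAMPLE-0002", severity: "Medium",
        cvss: [{ version: "3.1", metrics: { baseScore: 5.3 } }] },
      artifact: { name: "example-logger", version: "2.0.1" } },
    { vulnerability: { id: "GHSA-EXAMPLE-0003", severity: "Medium", cvss: [] },
      artifact: { name: "example-cli", version: "0.9.0" } },
  ],
});

function runGate(json: string, cfg: PolicyConfig): PolicyResult {
  const result = evaluatePolicy(parseGrypeReport(json), cfg);
  console.log(formatSummary(result, cfg));
  return result;
}

const gateResult = runGate(SAMPLE_REPORT_JSON, { cvssThreshold: 7.0, failOnUnscored: false });
// In a real Argo step the process would end with `process.exit(gateResult.pass ? 0 : 1)`
// so that the workflow node is marked failed; omitted here so the file can be imported.
```

With the sample report and a threshold of 7.0 the gate fails on `CVE-EXAMPLE-0001` (its v3.1 score of 9.8 is the highest of its two vectors) and reports `GHSA-EXAMPLE-0003` as unscored; raising the threshold to 9.9 passes unless `failOnUnscored` is set, which is the safer default for a homelab where every dependency is reviewed by a human anyway.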
## Prerequisites
Install these separately in your cluster before using this chart:
- Argo Workflows
- Infisical Kubernetes Operator, if you want this chart to sync secrets automatically
- DefectDojo, if you want report ingestion enabled
- MinIO or another S3-compatible store, if you want raw report uploads enabled

You will also need the corresponding credentials for Socket.dev, Pulumi, AWS or MinIO, and DefectDojo.
## Validation workflow
For fast validation while wiring up infrastructure, use these tools together:
- `helm lint ./helm`
- `helm template agentguard-ci ./helm`
- `helm template agentguard-ci ./helm | kubectl apply --dry-run=client -f -`
- `helm template agentguard-ci ./helm | kubectl apply --dry-run=server -f -`
- `argo lint rendered.yaml`

Notes:
- `helm lint` catches Helm chart problems.
- `kubectl --dry-run=client` catches basic Kubernetes schema issues without talking to the cluster.
- `kubectl --dry-run=server` is better once the cluster already has the Argo and Infisical CRDs installed.
- `argo lint` is the most useful Argo-specific check once you have the Argo CLI installed; it reads rendered manifests from a file, so save the `helm template` output to `rendered.yaml` first.
## Installation
### 1. Build the tools image
The workflow uses custom TypeScript utilities for policy enforcement and DefectDojo uploads.
```bash
cd tools
docker build -t your-registry/agentguard-tools:latest .
docker push your-registry/agentguard-tools:latest
```
### 2. Configure values
Start from [`helm/values.yaml`](helm/values.yaml) and set at least:
```yaml
pipeline:
  toolsImage:
    repository: your-registry/agentguard-tools
    tag: latest
infisical:
  enabled: true
  workspaceSlug: your-workspace-id
  projectSlug: your-project-id
storage:
  enabled: false
defectdojo:
  enabled: false
```
Keep `storage.enabled` and `defectdojo.enabled` disabled until those services are actually installed and reachable. Keep `infisical.enabled` disabled until the operator is installed and your project identifiers are ready.

If you do not use Infisical, create the `amp-security-pipeline-secrets` secret yourself before running the workflow. For storage uploads, the secret should contain `S3_ACCESS_KEY_ID` and `S3_SECRET_ACCESS_KEY`.
### 3. Deploy the chart
```bash
helm upgrade --install agentguard-ci ./helm -n argo
```
## DefectDojo integration
DefectDojo is not installed by this repository.

You install DefectDojo separately, then enable this chart's upload step. When enabled, the workflow uploads supported reports into DefectDojo through the API using the custom uploader in [`tools/src/upload-defectdojo.ts`](tools/src/upload-defectdojo.ts).
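To make the upload step concrete, here is an added example of what such an uploader has to assemble; it is not the project's `tools/src/upload-defectdojo.ts`. It targets DefectDojo's `import-scan` endpoint with token authentication and the multipart fields for scan type, engagement and minimum severity, as assumed here; the `scan_type` strings are parser names I believe DefectDojo accepts but should be checked against your instance, and the `test` id in the response is likewise an assumption. The base URL, API key and engagement id are constructed placeholders, and the HTTP transport is pluggable so the request can be inspected offline. Failing hard on a non-2xx response is deliberate: a silently skipped upload would leave a gap in the findings record that the gate later relies on.

```typescript
// Added example for this README; it is not the project's tools/src/upload-defectdojo.ts.
// Endpoint, token header and form field names follow DefectDojo's import-scan API as
// assumed here; scan_type strings are assumed parser names, verify against your instance.

type ToolName = "grype" | "semgrep" | "trufflehog";

// Tool -> DefectDojo parser name (assumed; only supported report types get uploaded).
const SCAN_TYPES: Record<ToolName, string> = {
  grype: "Anchore Grype",
  semgrep: "Semgrep JSON Report",
  trufflehog: "Trufflehog Scan",
};

type Severity = "Info" | "Low" | "Medium" | "High" | "Critical";

interface DojoConfig {
  baseUrl: string;       // placeholder host in the sample below
  apiKey: string;        // read from the pipeline secret at runtime, never hard-coded
  engagementId: number;  // existing engagement the reports are imported into
  minimumSeverity?: Severity;
}

interface ScanReport { tool: ToolName; fileName: string; content: string }

interface ImportScanRequest {
  url: string;
  headers: Record<string, string>;
  fields: Record<string, string>;
  file: { fieldName: string; fileName: string; content: string };
}

function buildImportScanRequest(cfg: DojoConfig, report: ScanReport): ImportScanRequest {
  const scanType = SCAN_TYPES[report.tool];
  if (!scanType) throw new Error(`no DefectDojo scan_type mapping for tool "${report.tool}"`);
  if (!cfg.apiKey) throw new Error("DefectDojo API key is empty; check the pipeline secret");
  if (!Number.isInteger(cfg.engagementId) || cfg.engagementId <= 0) {
    throw new Error("engagementId must be a positive integer");
  }
  if (!report.content.trim()) throw new Error(`refusing to upload empty report ${report.fileName}`);
  const base = cfg.baseUrl.replace(/\/+$/, "");
  return {
    url: `${base}/api/v2/import-scan/`,
    headers: { Authorization: `Token ${cfg.apiKey}` },
    fields: {
      scan_type: scanType,
      engagement: String(cfg.engagementId),
      active: "true",
      verified: "false",
      minimum_severity: cfg.minimumSeverity ?? "Info",
    },
    file: { fieldName: "file", fileName: report.fileName, content: report.content },
  };
}

// Non-2xx is a hard failure so the workflow node fails instead of silently losing findings.
function parseImportResponse(status: number, body: string): { testId: number | null } {
  if (status < 200 || status >= 300) {
    throw new Error(`DefectDojo import failed: HTTP ${status}: ${body.slice(0, 200)}`);
  }
  try {
    const parsed = JSON.parse(body);
    return { testId: typeof parsed.test === "number" ? parsed.test : null }; // "test" field assumed
  } catch {
    return { testId: null };
  }
}

type Sender = (req: ImportScanRequest) => Promise<{ status: number; body: string }>;

// Real transport using the global fetch/FormData/Blob of Node 18+ (assumed available).
const fetchSender: Sender = async (req) => {
  const form = new FormData();
  for (const [k, v] of Object.entries(req.fields)) form.append(k, v);
  form.append(req.file.fieldName, new Blob([req.file.content], { type: "application/json" }), req.file.fileName);
  const res = await fetch(req.url, { method: "POST", headers: req.headers, body: form });
  return { status: res.status, body: await res.text() };
};

async function uploadReport(cfg: DojoConfig, report: ScanReport, send: Sender = fetchSender): Promise<number | null> {
  const req = buildImportScanRequest(cfg, report);
  const res = await send(req);
  return parseImportResponse(res.status, res.body).testId;
}

// Constructed inputs: the host does not exist and the key is a placeholder.
const SAMPLE_CONFIG: DojoConfig = {
  baseUrl: "https://defectdojo.example.internal/",
  apiKey: "PLACEHOLDER_API_KEY",
  engagementId: 42,
  minimumSeverity: "Low",
};
const SAMPLE_REPORT: ScanReport = { tool: "grype", fileName: "grype.json", content: JSON.stringify({ matches: [] }) };
```

Calling `uploadReport(SAMPLE_CONFIG, SAMPLE_REPORT)` would use the real `fetch` transport; passing a fake `send` that returns a canned `{ status, body }` lets the same code path be exercised in a unit test without a DefectDojo instance, which is how the request building and response handling are checked below.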
## Secret management
When `infisical.enabled` is `true`, this chart creates an `InfisicalSecret` that syncs the runtime credentials needed by the workflow into the `amp-security-pipeline-secrets` Kubernetes secret.