feat(cra): Pull-Flow — Findings vom Scanner-MCP ziehen + assessen
CI / nodejs-build (push) Successful in 3m12s
CI / test-go (push) Has been skipped
CI / iace-gt-coverage (push) Has been skipped
CI / test-python-backend (push) Successful in 39s
CI / test-python-document-crawler (push) Has been skipped
CI / test-python-dsms-gateway (push) Has been skipped
CI / detect-changes (push) Successful in 15s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / secret-scan (push) Has been skipped
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / build-sha-integrity (push) Successful in 12s
CI / validate-canonical-controls (push) Successful in 12s
CI / loc-budget (push) Successful in 25s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 3m12s
CI / test-go (push) Has been skipped
CI / iace-gt-coverage (push) Has been skipped
CI / test-python-backend (push) Successful in 39s
CI / test-python-document-crawler (push) Has been skipped
CI / test-python-dsms-gateway (push) Has been skipped
CI / detect-changes (push) Successful in 15s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / secret-scan (push) Has been skipped
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / build-sha-integrity (push) Successful in 12s
CI / validate-canonical-controls (push) Successful in 12s
CI / loc-budget (push) Successful in 25s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
(2) Wir als MCP-Client zum compliance-scanner-agent: - scanner_mcp_client.fetch_findings(): streamablehttp_client + ClientSession → list_findings, parst JSON-Text zu Finding-Dicts. Config via SCANNER_MCP_URL/ SCANNER_MCP_TOKEN (unset = leer → UI behält Demo). Transport lazy-importiert. - POST /v1/cra/assess-from-scanner: rohe Scanner-Dicts → toleranter Mapper (behält scan_type/cvss_score/file_path) → assess + Breadth. - Tests: parse_findings_text + no-config-Pfad. Live-Verdrahtung der UI folgt, sobald ihr Endpoint+Token stehen (dann nur Env setzen + useCRA auf /assess-from-scanner zeigen). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
@@ -124,6 +124,10 @@ services:
|
||||
SMTP_FROM_NAME: ${SMTP_FROM_NAME:-BreakPilot Compliance}
|
||||
SMTP_FROM_ADDR: ${SMTP_FROM_ADDR:-compliance@breakpilot.app}
|
||||
RAG_SERVICE_URL: http://bp-core-rag-service:8097
|
||||
# Pull-flow: external repo-scanner MCP (compliance-scanner-agent). Unset =
|
||||
# disabled, /assess-from-scanner returns empty and the UI keeps its demo.
|
||||
SCANNER_MCP_URL: ${SCANNER_MCP_URL:-}
|
||||
SCANNER_MCP_TOKEN: ${SCANNER_MCP_TOKEN:-}
|
||||
# LLM cascade for V3 vendor extraction (unknown CMPs).
|
||||
# Reuses the same env vars as the consent-tester so both can be
|
||||
# configured in one place.
|
||||
|
||||
Reference in New Issue
Block a user