sharang/compliance-scanner-agent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit: Compliance Scanner Agent

Browse Source 
Autonomous security and compliance scanning agent for git repositories.
Features: SAST (Semgrep), SBOM (Syft), CVE monitoring (OSV.dev/NVD),
GDPR/OAuth pattern detection, LLM triage, issue creation (GitHub/GitLab/Jira),
PR reviews, and Dioxus fullstack dashboard.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Sharang Parnerkar
2026-03-02 13:30:17 +01:00
commit 0867e401bc
97 changed files with 11750 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
compliance-agent/src/config.rs Normal file
View File

@@ -0,0 +1,43 @@
use compliance_core::AgentConfig;
use secrecy::SecretString;
use crate::error::AgentError;
fn env_var(key: &str) -> Result<String, AgentError> {
std::env::var(key).map_err(|_| AgentError::Config(format!("Missing env var: {key}")))
}
fn env_var_opt(key: &str) -> Option<String> {
std::env::var(key).ok().filter(|v| !v.is_empty())
}
fn env_secret_opt(key: &str) -> Option<SecretString> {
env_var_opt(key).map(SecretString::from)
}
pub fn load_config() -> Result<AgentConfig, AgentError> {
Ok(AgentConfig {
mongodb_uri: env_var("MONGODB_URI")?,
mongodb_database: env_var_opt("MONGODB_DATABASE").unwrap_or_else(|| "compliance_scanner".to_string()),
litellm_url: env_var_opt("LITELLM_URL").unwrap_or_else(|| "http://localhost:4000".to_string()),
litellm_api_key: SecretString::from(env_var_opt("LITELLM_API_KEY").unwrap_or_default()),
litellm_model: env_var_opt("LITELLM_MODEL").unwrap_or_else(|| "gpt-4o".to_string()),
github_token: env_secret_opt("GITHUB_TOKEN"),
github_webhook_secret: env_secret_opt("GITHUB_WEBHOOK_SECRET"),
gitlab_url: env_var_opt("GITLAB_URL"),
gitlab_token: env_secret_opt("GITLAB_TOKEN"),
gitlab_webhook_secret: env_secret_opt("GITLAB_WEBHOOK_SECRET"),
jira_url: env_var_opt("JIRA_URL"),
jira_email: env_var_opt("JIRA_EMAIL"),
jira_api_token: env_secret_opt("JIRA_API_TOKEN"),
jira_project_key: env_var_opt("JIRA_PROJECT_KEY"),
searxng_url: env_var_opt("SEARXNG_URL"),
nvd_api_key: env_secret_opt("NVD_API_KEY"),
agent_port: env_var_opt("AGENT_PORT")
.and_then(|p| p.parse().ok())
.unwrap_or(3001),
scan_schedule: env_var_opt("SCAN_SCHEDULE").unwrap_or_else(|| "0 0 */6 * * *".to_string()),
cve_monitor_schedule: env_var_opt("CVE_MONITOR_SCHEDULE").unwrap_or_else(|| "0 0 0 * * *".to_string()),
git_clone_base_path: env_var_opt("GIT_CLONE_BASE_PATH").unwrap_or_else(|| "/tmp/compliance-scanner/repos".to_string()),
})
}