feat: pentest onboarding — streaming, browser automation, reports, user cleanup (#16)

Complete pentest feature overhaul: SSE streaming, session-persistent browser tool (CDP), AES-256 credential encryption, auto-screenshots in reports, code-level remediation correlation, SAST triage chunking, context window optimization, test user cleanup (Keycloak/Auth0/Okta), wizard dropdowns, attack chain improvements, architecture docs with Mermaid diagrams. Co-authored-by: Sharang Parnerkar <parnerkarsharang@gmail.com> Reviewed-on: #16
2026-03-17 20:32:20 +00:00
parent 11e1c5f438
commit c461faa2fb
57 changed files with 8844 additions and 2423 deletions
--- a/compliance-agent/src/main.rs
+++ b/compliance-agent/src/main.rs
@@ -1,6 +1,6 @@
 mod agent;
 mod api;
-mod config;
+pub(crate) mod config;
 mod database;
 mod error;
 mod llm;
@@ -15,11 +15,20 @@ mod webhooks;

 #[tokio::main]
 async fn main() -> Result<(), Box<dyn std::error::Error>> {
-    dotenvy::dotenv().ok();
+    match dotenvy::dotenv() {
+        Ok(path) => eprintln!("[dotenv] Loaded from: {}", path.display()),
+        Err(e) => eprintln!("[dotenv] FAILED: {e}"),
+    }

    let _telemetry_guard = compliance_core::telemetry::init_telemetry("compliance-agent");

-    tracing::info!("Loading configuration...");
+    // Log critical env vars at startup
+    tracing::info!(
+        chrome_ws_url = std::env::var("CHROME_WS_URL").ok().as_deref(),
+        pentest_email = std::env::var("PENTEST_VERIFICATION_EMAIL").ok().as_deref(),
+        encryption_key_set = std::env::var("PENTEST_ENCRYPTION_KEY").is_ok(),
+        "Loading configuration..."
+    );
    let config = config::load_config()?;

    // Ensure SSH key pair exists for cloning private repos