Initial commit: AASRT v1.0.0 - AI Agent Security Reconnaissance Tool

2026-04-23 14:36:19 +02:00 · 2026-02-10 10:53:31 -05:00
commit a714a3399b
61 changed files with 14858 additions and 0 deletions
@@ -0,0 +1,172 @@
+name: AASRT CI/CD Pipeline
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main]
+
+env:
+  PYTHON_VERSION: '3.11'
+
+jobs:
+  # ============================================================================
+  # Code Quality Checks
+  # ============================================================================
+  lint:
+    name: Code Quality
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+          cache: 'pip'
+      
+      - name: Install linting tools
+        run: |
+          pip install flake8 black isort mypy
+          pip install -r requirements.txt
+      
+      - name: Run Black (formatting check)
+        run: black --check --diff src/ tests/
+        continue-on-error: true
+      
+      - name: Run isort (import sorting)
+        run: isort --check-only --diff src/ tests/
+        continue-on-error: true
+      
+      - name: Run Flake8 (linting)
+        run: flake8 src/ tests/ --max-line-length=120 --statistics
+        continue-on-error: true
+      
+      - name: Run MyPy (type checking)
+        run: mypy src/ --ignore-missing-imports --no-error-summary
+        continue-on-error: true
+
+  # ============================================================================
+  # Unit Tests
+  # ============================================================================
+  test-unit:
+    name: Unit Tests
+    runs-on: ubuntu-latest
+    needs: lint
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+          cache: 'pip'
+      
+      - name: Install dependencies
+        run: |
+          pip install -r requirements.txt
+          pip install pytest pytest-cov pytest-mock pytest-timeout
+      
+      - name: Run unit tests
+        env:
+          SHODAN_API_KEY: test_key_for_ci
+          AASRT_ENVIRONMENT: testing
+        run: |
+          pytest tests/unit/ -v --cov=src --cov-report=xml --cov-report=term-missing -m "not slow"
+      
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          file: coverage.xml
+          fail_ci_if_error: false
+
+  # ============================================================================
+  # Integration Tests
+  # ============================================================================
+  test-integration:
+    name: Integration Tests
+    runs-on: ubuntu-latest
+    needs: test-unit
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+          cache: 'pip'
+      
+      - name: Install dependencies
+        run: |
+          pip install -r requirements.txt
+          pip install pytest pytest-cov pytest-mock pytest-timeout
+      
+      - name: Run integration tests
+        env:
+          SHODAN_API_KEY: test_key_for_ci
+          AASRT_ENVIRONMENT: testing
+        run: |
+          pytest tests/integration/ -v --timeout=120
+
+  # ============================================================================
+  # Security Scanning
+  # ============================================================================
+  security:
+    name: Security Scanning
+    runs-on: ubuntu-latest
+    needs: lint
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+          cache: 'pip'
+      
+      - name: Install security tools
+        run: |
+          pip install bandit safety pip-audit
+          pip install -r requirements.txt
+      
+      - name: Run Bandit (SAST)
+        run: bandit -r src/ -ll -ii --format json --output bandit-report.json
+        continue-on-error: true
+      
+      - name: Run Safety (dependency vulnerabilities)
+        run: safety check --full-report
+        continue-on-error: true
+      
+      - name: Run pip-audit
+        run: pip-audit --strict --desc
+        continue-on-error: true
+      
+      - name: Upload Bandit report
+        uses: actions/upload-artifact@v4
+        with:
+          name: bandit-report
+          path: bandit-report.json
+        if: always()
+
+  # ============================================================================
+  # Docker Build
+  # ============================================================================
+  docker:
+    name: Docker Build
+    runs-on: ubuntu-latest
+    needs: [test-unit, security]
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      
+      - name: Build Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: false
+          tags: aasrt:${{ github.sha }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+