Add static analysis tests #163
Description
🔭 Task Overview
Add static analsis (sast) checks.
This ticket will need to be ported as appropriate as templates are broken up.
🎯 Objectives
Analysis support for
- frontend (whatever npm/js/ts has)
- secrets (e.g. trufflehog)
- infra
- terraform (e.g. trivy)
- container images
- is enhanced scanning is enabled for all ecr registries
- kubernetes objects (kubescape??)
- note: most of our projects are single tenant in a single namespace, which mitigates at least some risk
- still good to have
- note: most of our projects are single tenant in a single namespace, which mitigates at least some risk
🔬 Steps or Implementation Details
No response
📝 Additional context (Optional)
Add mypy as an optional code quality checker #436
🕸️ Dependencies (Optional)
No response