kekkai-cli 1.0.0__tar.gz

kekkai_cli-1.0.0/PKG-INFO

@@ -0,0 +1,135 @@
+Metadata-Version: 2.4
+Name: kekkai-cli
+Version: 1.0.0
+Summary: Kekkai/Regulon monorepo (local-first AppSec orchestration + compliance checker)
+Requires-Python: >=3.12
+Description-Content-Type: text/markdown
+Requires-Dist: rich>=13.0.0
+Requires-Dist: jsonschema>=4.20.0
+Requires-Dist: textual>=0.50.0
+Requires-Dist: httpx>=0.24.0
+
+<p align="center">
+  <img src="https://raw.githubusercontent.com/kademoslabs/assets/main/logos/kekkai-slim.png" alt="Kekkai CLI Logo" width="250"/>
+</p>
+<p align="center"><i>One command. Clean AppSec reports.</i></p>
+<p align="center">
+  <img src="https://img.shields.io/badge/license-MIT-blue.svg"/>
+  <img src="https://img.shields.io/badge/status-active-brightgreen"/>
+</p>
+
+# Kekkai 🛡️
+
+**Security that moves at developer speed.**
+*Local-first orchestration for Trivy, Semgrep, and DefectDojo.*
+
+![Hero GIF](https://raw.githubusercontent.com/kademoslabs/assets/main/screenshots/kekkai-recording.gif)
+
+---
+
+## ⚡ Quick Start
+
+Stop fighting with Docker Compose. Start scanning in 30 seconds.
+
+### Installation
+
+**Option 1: pipx (Recommended - Isolated Environment)**
+
+```bash
+pipx install kekkai-cli
+```
+
+**Option 2: Homebrew (macOS/Linux)**
+
+```bash
+brew tap kademoslabs/tap
+brew install kekkai
+```
+
+**Option 3: Docker (No Python Required)**
+
+```bash
+# Build image
+docker build -t kademoslabs/kekkai:latest -f apps/kekkai/Dockerfile .
+
+# Run via wrapper script
+./scripts/kekkai-docker --help
+
+# Or set up alias
+alias kekkai="$(pwd)/scripts/kekkai-docker"
+```
+
+**Option 4: Scoop (Windows)**
+
+```powershell
+scoop bucket add kademoslabs https://github.com/kademoslabs/scoop-bucket
+scoop install kekkai
+```
+
+**Option 5: pip (Traditional)**
+
+```bash
+pip install kekkai-cli
+```
+
+
+
+### 1. Scan your project (Local)
+
+Run industry-standard scanners (Trivy, Semgrep, Gitleaks) in unified Docker containers without installing them individually.
+
+```bash
+cd your-repo
+kekkai scan
+
+```
+
+### 2. Spin up DefectDojo
+
+Launch a full local vulnerability management platform (Nginx, Postgres, Redis, Celery) with one command.
+
+```bash
+kekkai dojo up --wait --open
+
+```
+
+### 3. Generate a Threat Model (AI)
+
+Generate a STRIDE threat model and Data Flow Diagram using your local LLM.
+
+```bash
+kekkai threatflow --repo . --model-mode local
+
+```
+
+---
+
+## 🛑 The Problem vs. Kekkai
+
+| Feature | The Old Way | The Kekkai Way |
+| --- | --- | --- |
+| **Tooling** | Manually install/update 5+ tools (Trivy, Semgrep, etc.) | **One Binary.** `kekkai scan` auto-pulls and runs the latest scanner containers. |
+| **Reporting** | Parse 5 different JSON formats manually. | **Unified Output.** One deduplicated `kekkai-report.json` for all findings. |
+| **DefectDojo** | Write a 200-line `docker-compose.yml` and debug networking. | **One Command.** `kekkai dojo up` automates the entire stack setup. |
+| **Threat Modeling** | Expensive consultants or manual whiteboarding. | **AI Agent.** `kekkai threatflow` generates `THREATS.md` locally. |
+| **CI/CD** | Write complex bash scripts to break builds. | **Policy Engine.** `kekkai scan --ci --fail-on high`. |
+
+---
+
+## 🔒 Enterprise Features (Portal)
+
+For teams that need centralized management, **Kekkai Portal** offers:
+
+* **SAML 2.0 SSO** with Replay Protection
+* **Role-Based Access Control (RBAC)**
+* **Cryptographically Signed Audit Logs**
+
+*Built by Kademos Labs.*
+
+---
+
+## 📚 Documentation
+
+- **[Automated Distribution Updates](docs/ci/automated-distributions.md)** - CI/CD distribution triggers
+- **[CI Architecture](/.docs/development/ci-architecture.md)** - Developer guide for distribution automation
+- **[Homebrew Maintenance](docs/ci/homebrew-maintenance.md)** - Homebrew tap management

kekkai_cli-1.0.0/README.md

@@ -0,0 +1,124 @@
+<p align="center">
+  <img src="https://raw.githubusercontent.com/kademoslabs/assets/main/logos/kekkai-slim.png" alt="Kekkai CLI Logo" width="250"/>
+</p>
+<p align="center"><i>One command. Clean AppSec reports.</i></p>
+<p align="center">
+  <img src="https://img.shields.io/badge/license-MIT-blue.svg"/>
+  <img src="https://img.shields.io/badge/status-active-brightgreen"/>
+</p>
+
+# Kekkai 🛡️
+
+**Security that moves at developer speed.**
+*Local-first orchestration for Trivy, Semgrep, and DefectDojo.*
+
+![Hero GIF](https://raw.githubusercontent.com/kademoslabs/assets/main/screenshots/kekkai-recording.gif)
+
+---
+
+## ⚡ Quick Start
+
+Stop fighting with Docker Compose. Start scanning in 30 seconds.
+
+### Installation
+
+**Option 1: pipx (Recommended - Isolated Environment)**
+
+```bash
+pipx install kekkai-cli
+```
+
+**Option 2: Homebrew (macOS/Linux)**
+
+```bash
+brew tap kademoslabs/tap
+brew install kekkai
+```
+
+**Option 3: Docker (No Python Required)**
+
+```bash
+# Build image
+docker build -t kademoslabs/kekkai:latest -f apps/kekkai/Dockerfile .
+
+# Run via wrapper script
+./scripts/kekkai-docker --help
+
+# Or set up alias
+alias kekkai="$(pwd)/scripts/kekkai-docker"
+```
+
+**Option 4: Scoop (Windows)**
+
+```powershell
+scoop bucket add kademoslabs https://github.com/kademoslabs/scoop-bucket
+scoop install kekkai
+```
+
+**Option 5: pip (Traditional)**
+
+```bash
+pip install kekkai-cli
+```
+
+
+
+### 1. Scan your project (Local)
+
+Run industry-standard scanners (Trivy, Semgrep, Gitleaks) in unified Docker containers without installing them individually.
+
+```bash
+cd your-repo
+kekkai scan
+
+```
+
+### 2. Spin up DefectDojo
+
+Launch a full local vulnerability management platform (Nginx, Postgres, Redis, Celery) with one command.
+
+```bash
+kekkai dojo up --wait --open
+
+```
+
+### 3. Generate a Threat Model (AI)
+
+Generate a STRIDE threat model and Data Flow Diagram using your local LLM.
+
+```bash
+kekkai threatflow --repo . --model-mode local
+
+```
+
+---
+
+## 🛑 The Problem vs. Kekkai
+
+| Feature | The Old Way | The Kekkai Way |
+| --- | --- | --- |
+| **Tooling** | Manually install/update 5+ tools (Trivy, Semgrep, etc.) | **One Binary.** `kekkai scan` auto-pulls and runs the latest scanner containers. |
+| **Reporting** | Parse 5 different JSON formats manually. | **Unified Output.** One deduplicated `kekkai-report.json` for all findings. |
+| **DefectDojo** | Write a 200-line `docker-compose.yml` and debug networking. | **One Command.** `kekkai dojo up` automates the entire stack setup. |
+| **Threat Modeling** | Expensive consultants or manual whiteboarding. | **AI Agent.** `kekkai threatflow` generates `THREATS.md` locally. |
+| **CI/CD** | Write complex bash scripts to break builds. | **Policy Engine.** `kekkai scan --ci --fail-on high`. |
+
+---
+
+## 🔒 Enterprise Features (Portal)
+
+For teams that need centralized management, **Kekkai Portal** offers:
+
+* **SAML 2.0 SSO** with Replay Protection
+* **Role-Based Access Control (RBAC)**
+* **Cryptographically Signed Audit Logs**
+
+*Built by Kademos Labs.*
+
+---
+
+## 📚 Documentation
+
+- **[Automated Distribution Updates](docs/ci/automated-distributions.md)** - CI/CD distribution triggers
+- **[CI Architecture](/.docs/development/ci-architecture.md)** - Developer guide for distribution automation
+- **[Homebrew Maintenance](docs/ci/homebrew-maintenance.md)** - Homebrew tap management

kekkai_cli-1.0.0/pyproject.toml

@@ -0,0 +1,69 @@
+[project]
+name = "kekkai-cli"
+version = "1.0.0"
+description = "Kekkai/Regulon monorepo (local-first AppSec orchestration + compliance checker)"
+readme = "README.md"
+requires-python = ">=3.12"
+dependencies = [
+    "rich>=13.0.0",
+    "jsonschema>=4.20.0",
+    "textual>=0.50.0",
+    "httpx>=0.24.0",
+]
+
+[project.scripts]
+kekkai = "kekkai.cli:main"
+kekkai-portal = "portal.web:main"
+
+[tool.ruff]
+target-version = "py312"
+line-length = 100
+extend-exclude = ["dist", "build", ".venv"]
+lint.select = ["E", "F", "I", "B", "UP", "S", "SIM"]
+lint.ignore = ["S101"]  # allow asserts in tests
+lint.per-file-ignores = { "tests/**" = ["S"], "src/kekkai_core/docker/**" = ["S603"], "src/kekkai_core/slsa/**" = ["S603", "S607"], "src/kekkai/github/**" = ["S105"] }
+
+[tool.mypy]
+python_version = "3.12"
+mypy_path = "src"
+strict = true
+warn_unused_configs = true
+warn_return_any = true
+disallow_any_generics = true
+no_implicit_optional = true
+check_untyped_defs = true
+exclude = ["apps/"]
+
+[tool.pytest.ini_options]
+addopts = "-q"
+testpaths = ["tests"]
+markers = [
+  "integration: integration tests",
+  "e2e: end-to-end tests",
+  "regression: regression/golden tests",
+  "benchmark: performance benchmark tests",
+  "requires_admin: tests requiring admin privileges"
+]
+
+[tool.coverage.run]
+branch = true
+source = ["src"]
+
+[tool.coverage.report]
+show_missing = true
+skip_covered = false
+fail_under = 69
+exclude_lines = [
+    "pragma: no cover",
+    "if TYPE_CHECKING:",
+]
+
+[build-system]
+requires = ["setuptools>=69", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[tool.setuptools]
+package-dir = {"" = "src"}
+
+[tool.setuptools.packages.find]
+where = ["src"]

kekkai_cli-1.0.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

kekkai_cli-1.0.0/src/kekkai/__init__.py

@@ -0,0 +1,7 @@
+from __future__ import annotations
+
+from .cli import main
+from .output import VERSION
+
+__version__ = VERSION
+__all__ = ["main", "__version__"]