Update .gitea/workflows/codeant.yml

.gitea/workflows/codeant.yml

@@ -1,17 +1,41 @@
-name: Codeant Security Scan
+name: CodeAnt CLI Scan
 
 on:
-    push:
-        branches: ["main"]
-    pull_request:
-        branches: ["main"]
-    workflow_dispatch:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+  workflow_dispatch:
+  #schedule:
+  #  - cron: "0 0 * * *" # Daily scan
 
 jobs:
-    codeant-scan:
-        runs-on: ubuntu-latest
-        steps:
-            - uses: actions/checkout@v3
-            - uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.5
-              with:
-                access_token: ${{ secrets.CODEANT_API_TOKEN }}
+  codeant-scan:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '18'
+
+      - name: Install CodeAnt CLI
+        run: npm install -g @codeant-ai/cli
+
+      - name: Run Scans
+        env:
+          # The CLI automatically looks for this environment variable
+          CODEANT_API_TOKEN: ${{ secrets.CODEANT_API_TOKEN }}
+        run: |
+          echo "Running Secrets Scan..."
+          codeant secrets --all --fail-on HIGH
+
+          echo "Running Security Analysis..."
+          codeant security-analysis --all --fail-on HIGH
+
+          echo "Running Static Analysis (Code Quality)..."
+          codeant static-analysis --all --fail-on CRITICAL