From 2909de87636b874fb8dca2f0a010f430d9161bd0 Mon Sep 17 00:00:00 2001
From: Rajendra Reddy
Date: Fri, 27 Mar 2026 11:36:54 +0000
Subject: [PATCH] Update .gitea/workflows/codeant.yml
---
 .gitea/workflows/codeant.yml | 50 ++++++++++++++++++++++++++----------
 1 file changed, 37 insertions(+), 13 deletions(-)
diff --git a/.gitea/workflows/codeant.yml b/.gitea/workflows/codeant.yml
index b33d413..b3e0c2e 100644
--- a/.gitea/workflows/codeant.yml
+++ b/.gitea/workflows/codeant.yml
@@ -1,17 +1,41 @@
-name: Codeant Security Scan
+name: CodeAnt CLI Scan
 on:
- push:
- branches: ["main"]
- pull_request:
- branches: ["main"]
- workflow_dispatch:
+ push:
+ branches: ["main"]
+ pull_request:
+ branches: ["main"]
+ workflow_dispatch:
+ #schedule:
+ # - cron: "0 0 * * *" # Daily scan
 jobs:
- codeant-scan:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v3
- - uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.5
- with:
- access_token: ${{ secrets.CODEANT_API_TOKEN }}
\ No newline at end of file
+ codeant-scan:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout Code
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Setup Node.js
+ uses: actions/setup-node@v3
+ with:
+ node-version: '18'
+
+ - name: Install CodeAnt CLI
+ run: npm install -g @codeant-ai/cli
+
+ - name: Run Scans
+ env:
+ # The CLI automatically looks for this environment variable
+ CODEANT_API_TOKEN: ${{ secrets.CODEANT_API_TOKEN }}
+ run: |
+ echo "Running Secrets Scan..."
+ codeant secrets --all --fail-on HIGH
+
+ echo "Running Security Analysis..."
+ codeant security-analysis --all --fail-on HIGH
+
+ echo "Running Static Analysis (Code Quality)..."
+ codeant static-analysis --all --fail-on CRITICAL
\ No newline at end of file
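Review bot: The `Install CodeAnt CLI` step runs `npm install -g @codeant-ai/cli` with no version, so every run pulls whatever is latest on the registry, and the next step executes it with `CODEANT_API_TOKEN` in its environment and the full-history checkout in the workspace. The workflow this replaces pinned the scanner to `@v0.0.5`; I would keep an equivalent pin, e.g. `run: npm install -g @codeant-ai/cli@<PINNED_VERSION>` (placeholder for the release you have vetted), and add `persist-credentials: false` under the checkout step's `with:` so the job token is not left in `.git/config` where the installed tool can read it. `actions/checkout@v3` and `actions/setup-node@v3` are mutable tags too; pinning each to a full commit SHA closes the same gap. Separately, the three scans share one `run: |` block, so if the runner's shell exits on the first non-zero status (the usual default, but confirm for this Gitea runner) a HIGH secrets finding skips the security and static analysis; one step per scan would keep all three results.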