Update .gitea/workflows/codeant.yml
Some checks failed
Codeant Security Scan / codeant-scan (push) Failing after 1m11s
@@ -6,7 +6,7 @@ on:
|
|||||||
pull_request:
|
pull_request:
|
||||||
branches: ["main"]
|
branches: ["main"]
|
||||||
schedule:
|
schedule:
|
||||||
- cron: "0 0 * * *"
|
- cron: "0 0 * * *" # Daily Scan
|
||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
@@ -18,19 +18,27 @@ jobs:
|
|||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
|
|
||||||
- name: Setup Node.js
|
- name: Setup Node.js (Satisfies Engine Requirements)
|
||||||
uses: actions/setup-node@v3
|
uses: actions/setup-node@v3
|
||||||
with:
|
with:
|
||||||
node-version: '20'
|
node-version: '22' # Using Node 22 to avoid EBADENGINE errors
|
||||||
|
|
||||||
- name: Install CodeAnt CLI
|
- name: Install CodeAnt CLI
|
||||||
run: npm install -g codeant-cli
|
run: npm install -g @codeant-cli
|
||||||
|
|
||||||
- name: Run CodeAnt Scan
|
- name: Run CodeAnt Analysis
|
||||||
env:
|
env:
|
||||||
# IMPORTANT: Use this EXACT variable name
|
# The CLI uses this for non-interactive auth
|
||||||
CODEANT_API_TOKEN: ${{ secrets.CODEANT_API_KEY }}
|
CODEANT_API_TOKEN: ${{ secrets.CODEANT_API_KEY }}
|
||||||
run: |
|
run: |
|
||||||
# We use the universal 'scan' command which covers
|
echo "Checking CodeAnt Version..."
|
||||||
# Secrets, SAST, and Quality in one go.
|
codeant --version
|
||||||
codeant scan --all --fail-on-severity HIGH
|
|
||||||
|
echo "1. Scanning for Secrets..."
|
||||||
|
codeant secrets --all --fail-on HIGH
|
||||||
|
|
||||||
|
echo "2. Running Security Analysis (Vulnerabilities)..."
|
||||||
|
codeant security-analysis --all --fail-on HIGH
|
||||||
|
|
||||||
|
echo "3. Running Static Analysis (Quality & Bugs)..."
|
||||||
|
codeant static-analysis --all --fail-on CRITICAL
|
||||||
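Review bot: The new install line `run: npm install -g @codeant-cli` names only a scope, while scoped npm packages are written `@scope/name`, so the install will probably fail or resolve to something other than the intended CLI; the failing check on this commit may be related. The following step exposes `CODEANT_API_TOKEN` to whatever binary this step installs, so the package should be spelled in full and pinned to an exact version, for example `run: npm install -g <scope>/<package>@<exact-version>` (placeholders; take the real name from the vendor's documentation). Separately, the old single `codeant scan --all --fail-on-severity HIGH` gated everything at HIGH, whereas the new `codeant static-analysis --all --fail-on CRITICAL` lets HIGH findings from that stage pass. If that relaxation is intended, state it in a comment above the line, such as `# Quality findings gate at CRITICAL only; secrets and security stay at HIGH`.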