Update .gitea/workflows/codeant.yml
Some checks failed
Codeant Security Scan / codeant-scan (push) Failing after 11s
Some checks failed
Codeant Security Scan / codeant-scan (push) Failing after 11s
This commit is contained in:
@@ -1,13 +1,13 @@
|
|||||||
name: CodeAnt CLI Scan
|
name: Codeant Security Scan
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches: ["main"]
|
branches: ["main"]
|
||||||
pull_request:
|
pull_request:
|
||||||
branches: ["main"]
|
branches: ["main"]
|
||||||
|
schedule:
|
||||||
|
- cron: "0 0 * * *"
|
||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
#schedule:
|
|
||||||
# - cron: "0 0 * * *" # Daily scan
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
codeant-scan:
|
codeant-scan:
|
||||||
@@ -21,21 +21,16 @@ jobs:
|
|||||||
- name: Setup Node.js
|
- name: Setup Node.js
|
||||||
uses: actions/setup-node@v3
|
uses: actions/setup-node@v3
|
||||||
with:
|
with:
|
||||||
node-version: '18'
|
node-version: '20'
|
||||||
|
|
||||||
- name: Install CodeAnt CLI
|
- name: Install CodeAnt CLI
|
||||||
run: npm install -g codeant-cli
|
run: npm install -g @codeant/cli
|
||||||
|
|
||||||
- name: Run Scans
|
- name: Run CodeAnt Scan
|
||||||
env:
|
env:
|
||||||
# The CLI automatically looks for this environment variable
|
# IMPORTANT: Use this EXACT variable name
|
||||||
CODEANT_API_TOKEN: ${{ secrets.CODEANT_API_TOKEN }}
|
CODEANT_API_TOKEN: ${{ secrets.CODEANT_API_KEY }}
|
||||||
run: |
|
run: |
|
||||||
echo "Running Secrets Scan..."
|
# We use the universal 'scan' command which covers
|
||||||
codeant secrets --all --fail-on HIGH
|
# Secrets, SAST, and Quality in one go.
|
||||||
|
codeant scan --all --fail-on-severity HIGH
|
||||||
echo "Running Security Analysis..."
|
|
||||||
codeant security-analysis --all --fail-on HIGH
|
|
||||||
|
|
||||||
echo "Running Static Analysis (Code Quality)..."
|
|
||||||
codeant static-analysis --all --fail-on CRITICAL
|
|
||||||
Reference in New Issue
Block a user