Rajendra Reddy
62d38422f7
Some checks failed
Codeant Security Scan / codeant-scan (push) Failing after 1m32s
55 lines
1.6 KiB
YAML
55 lines
1.6 KiB
YAML
name: Codeant Security Scan
|
|
|
|
on:
|
|
push:
|
|
branches: ["main"]
|
|
pull_request:
|
|
branches: ["main"]
|
|
schedule:
|
|
- cron: "0 0 * * *" # Daily Scan
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
codeant-scan:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v3
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Setup Node.js (Satisfies Engine Requirements)
|
|
uses: actions/setup-node@v3
|
|
with:
|
|
node-version: '22' # Using Node 22 to avoid EBADENGINE errors
|
|
- name: Install and Inject Config
|
|
env:
|
|
MY_KEY: ${{ secrets.CODEANT_API_TOKEN }}
|
|
run: |
|
|
npm install -g codeant-cli
|
|
mkdir -p $HOME/.codeant
|
|
echo $MY_KEY
|
|
# Now we use the environment variable $MY_KEY
|
|
printf '{"apiKey":"%s"}\n' "$MY_KEY" > $HOME/.codeant/config.json
|
|
cat $HOME/.codeant/config.json
|
|
|
|
# Verify: This should now show ~35-40 bytes
|
|
echo "Config file size: $(wc -c < $HOME/.codeant/config.json) bytes"
|
|
|
|
- name: Run CodeAnt AI Review (Full Repo First Time)
|
|
run: |
|
|
echo "Preparing full repo scan..."
|
|
|
|
# Ensure full git history
|
|
git fetch --unshallow || true
|
|
|
|
# 👇 Create fake baseline so everything is treated as new
|
|
git checkout --orphan codeant-scan
|
|
git add .
|
|
git commit -m "full repo scan baseline"
|
|
|
|
echo "Running CodeAnt AI Review..."
|
|
codeant review --committed > review.txt || true
|
|
|
|
echo "===== CodeAnt Output ====="
|
|
cat review.txt |