codeant-ci-scan

ManiShankarCdAnt · ManiShankarCdAnt · commit 6a3d0ed1fee4 · 2025-10-03T13:02:19.000+05:30
diff --git a/LICENSE b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 CodeAnt
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
@@ -0,0 +1,173 @@
+# CodeAnt CI Scan Action
+
+A GitHub Action to run CodeAnt CI security and code quality analysis on your repository.
+
+## Features
+
+- 🛡️ Automated security and code quality scanning
+- 🔍 Deep code analysis and vulnerability detection
+- 📊 Detailed reports and insights
+- ⚡ Fast and easy integration
+
+## Usage
+
+### Basic Usage
+
+Add this action to your workflow:
+
+```yaml
+name: CodeAnt CI Scan
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+jobs:
+  codeant_scan:
+    name: Run CodeAnt CI scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Run CodeAnt CI Scan
+        uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.1
+        with:
+          access_token: ${{ secrets.CODEANT_ACCESS_TOKEN }}
+```
+
+### Advanced Usage
+
+Customize the scan with additional options:
+
+```yaml
+- name: Run CodeAnt CI Scan
+  uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.1
+  with:
+    access_token: ${{ secrets.CODEANT_ACCESS_TOKEN }}
+    api_base: 'https://api.codeant.ai'
+    include_paths: 'src/,lib/'
+    exclude_paths: 'test/,docs/'
+```
+
+## Inputs
+
+| Input | Description | Required | Default |
+|-------|-------------|----------|---------|
+| `access_token` | CodeAnt access token (PAT or repository token) | Yes | - |
+| `api_base` | CodeAnt API base URL | No | `https://api.codeant.ai` |
+| `include_paths` | Comma-separated paths to include in scan | No | `''` (all files) |
+| `exclude_paths` | Comma-separated paths to exclude from scan | No | `''` (none) |
+
+## Setup
+
+### 1. Get Your CodeAnt Access Token
+
+1. Sign up or log in to [CodeAnt](https://codeant.ai)
+2. Navigate to your account settings
+3. Generate a new access token
+4. Copy the token
+
+### 2. Add Token to GitHub Secrets
+
+1. Go to your repository's Settings
+2. Navigate to Secrets and variables → Actions
+3. Click "New repository secret"
+4. Name: `CODEANT_ACCESS_TOKEN`
+5. Value: Paste your CodeAnt access token
+6. Click "Add secret"
+
+### 3. Create Workflow File
+
+Create `.github/workflows/codeant-scan.yml` in your repository with the usage example above.
+
+## Supported Events
+
+This action works with any GitHub event that provides commit information:
+
+- `push`
+- `pull_request`
+- `workflow_dispatch`
+- `schedule`
+
+## Example Workflows
+
+### Scan on Push and Pull Request
+
+```yaml
+name: CodeAnt CI Scan
+
+on:
+  push:
+    branches: [ "main", "develop" ]
+  pull_request:
+    branches: [ "main" ]
+
+jobs:
+  codeant_scan:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.1
+        with:
+          access_token: ${{ secrets.CODEANT_ACCESS_TOKEN }}
+```
+
+### Scheduled Daily Scan
+
+```yaml
+name: Daily CodeAnt Scan
+
+on:
+  schedule:
+    - cron: '0 2 * * *'  # Run at 2 AM UTC daily
+
+jobs:
+  codeant_scan:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.1
+        with:
+          access_token: ${{ secrets.CODEANT_ACCESS_TOKEN }}
+```
+
+### Scan Specific Directories
+
+```yaml
+- uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.1
+  with:
+    access_token: ${{ secrets.CODEANT_ACCESS_TOKEN }}
+    include_paths: 'src/,backend/'
+    exclude_paths: 'src/tests/,backend/vendor/'
+```
+
+## Troubleshooting
+
+### Authentication Errors
+
+- Ensure your `CODEANT_ACCESS_TOKEN` is correctly set in repository secrets
+- Verify the token hasn't expired
+- Check that the token has the necessary permissions
+
+### Scan Failures
+
+- Verify your repository is accessible
+- Check that the API base URL is correct
+- Review the action logs for specific error messages
+
+## Support
+
+- 📧 Email: support@codeant.ai
+- 📚 Documentation: [https://docs.codeant.ai](https://docs.codeant.ai)
+- 🐛 Issues: [GitHub Issues](https://github.com/CodeAnt-AI/codeant-ci-scan-action/issues)
+
+## License
+
+This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
+
+## About CodeAnt
+
+CodeAnt provides automated code analysis and security scanning to help developers build secure, high-quality software. Visit [codeant.ai](https://codeant.ai) to learn more.
diff --git a/action.yml b/action.yml
@@ -0,0 +1,59 @@
+name: 'CodeAnt CI Scan'
+description: 'Run CodeAnt CI security and code quality analysis on your repository'
+author: 'CodeAnt'
+branding:
+  icon: 'shield'
+  color: 'blue'
+
+inputs:
+  access_token:
+    description: 'CodeAnt access token (PAT or repository token)'
+    required: true
+  api_base:
+    description: 'CodeAnt API base URL'
+    required: false
+    default: 'https://api.codeant.ai'
+  include_paths:
+    description: 'Comma-separated paths to include in scan'
+    required: false
+    default: ''
+  exclude_paths:
+    description: 'Comma-separated paths to exclude from scan'
+    required: false
+    default: ''
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Fetch CodeAnt scan script
+      shell: bash
+      env:
+        API_BASE: ${{ inputs.api_base }}
+      run: |
+        curl -sS -X GET "${API_BASE}/analysis/ci/scan/script/get" \
+          --output start_scan.sh.b64
+
+    - name: Make script executable
+      shell: bash
+      run: |
+        base64 -d start_scan.sh.b64 > start_scan.sh
+        chmod +x start_scan.sh
+
+    - name: Trigger CodeAnt analysis
+      shell: bash
+      env:
+        ACCESS_TOKEN: ${{ inputs.access_token }}
+        REPO_NAME: ${{ github.repository }}
+        COMMIT_ID: ${{ github.sha }}
+        BRANCH: ${{ github.ref_name }}
+        INCLUDE_PATHS: ${{ inputs.include_paths }}
+        EXCLUDE_PATHS: ${{ inputs.exclude_paths }}
+      run: |
+        bash start_scan.sh \
+          -a "$ACCESS_TOKEN" \
+          -r "$REPO_NAME" \
+          -c "$COMMIT_ID" \
+          -b "$BRANCH" \
+          -s github \
+          -i "$INCLUDE_PATHS" \
+          -e "$EXCLUDE_PATHS"
