Skip to main content

CodeAnt CI Scan Action

A GitHub Action to run CodeAnt CI security and code quality analysis on your repository. You can find this action on the GitHub Marketplace.

Features

  • 🛡️ Automated security and code quality scanning
  • 🔍 Deep code analysis and vulnerability detection
  • 📊 Detailed reports and insights
  • ⚡ Fast and easy integration

Usage

Basic Usage

Add this action to your workflow: 
name: CodeAnt CI Scan

on:
  push:
    branches: [ "main" ]
  pull_request:
    branches: [ "main" ]

jobs:
  codeant_scan:
    name: Run CodeAnt CI scan
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Run CodeAnt CI Scan
        uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.1
        with:
          access_token: ${{ secrets.GITHUB_ACCESS_TOKEN }}

Advanced Usage

Customize the scan with additional options: 
- name: Run CodeAnt CI Scan
  uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.1
  with:
    access_token: ${{ secrets.GITHUB_ACCESS_TOKEN }}
    api_base: 'https://api.codeant.ai'
    include_paths: 'src/,lib/'
    exclude_paths: 'test/,docs/'

Inputs

InputDescriptionRequiredDefault
access_tokenCodeAnt access token (PAT or repository token)Yes-
api_baseCodeAnt API base URLNohttps://api.codeant.ai
include_pathsComma-separated paths to include in scanNo'' (all files)
exclude_pathsComma-separated paths to exclude from scanNo'' (none)

Setup

1. Get Your CodeAnt Access Token

  • Sign up or log in to CodeAnt
  • Navigate to your account settings
  • Generate a new access token
  • Copy the token

2. Add Token to GitHub Secrets

  • Go to your repository’s Settings
  • Navigate to Secrets and variables → Actions
  • Click “New repository secret”
  • Name: GITHUB_ACCESS_TOKEN
  • Value: Paste your CodeAnt access token
  • Click “Add secret”

3. Create Workflow File

Create .github/workflows/codeant-scan.yml in your repository with the usage example above.

Supported Events

This action works with any GitHub event that provides commit information:
  • push
  • pull_request
  • workflow_dispatch
  • schedule

Example Workflows

Scan on Push and Pull Request

name: CodeAnt CI Scan

on:
  push:
    branches: [ "main", "develop" ]
  pull_request:
    branches: [ "main" ]

jobs:
  codeant_scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.1
        with:
          access_token: ${{ secrets.GITHUB_ACCESS_TOKEN }}

Scheduled Daily Scan

name: Daily CodeAnt Scan

on:
  schedule:
    - cron: '0 2 * * *'  # Run at 2 AM UTC daily

jobs:
  codeant_scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.1
        with:
          access_token: ${{ secrets.GITHUB_ACCESS_TOKEN }}

Scan Specific Directories

- uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.1
  with:
    access_token: ${{ secrets.GITHUB_ACCESS_TOKEN }}
    include_paths: 'src/,backend/'
    exclude_paths: 'src/tests/,backend/vendor/'

Troubleshooting

Authentication Errors

  • Ensure your GITHUB_ACCESS_TOKEN is correctly set in repository secrets
  • Verify the token hasn’t expired
  • Check that the token has the necessary permissions

Scan Failures

  • Verify your repository is accessible
  • Check that the API base URL is correct
  • Review the action logs for specific error messages

Support

License

This project is licensed under the MIT License - see the LICENSE file for details.

Support

For issues, questions, or contributions, please visit the GitHub repository.
I