Set up CodeAnt Quality Gates in your GitHub CI Pipeline.
.github/workflows/quality_gates.yml
. It will trigger on every push to your repository and run quality gate checks to detect secrets and other security issues:
Important:
- Add an
ACCESS_TOKEN
secret in your repository settings (Settings -> Secrets and variables -> Actions).- The quality gate will fail your build if secrets are detected in the changed code.
quality_gates.sh
) from the CodeAnt API endpoint.
-o start
operation.
-o results
operation with:
quality_gates.sh
script accepts the following parameters:
Parameter | Description | Required | Example |
---|---|---|---|
-a, --access-token | GitHub Personal Access Token or repo token | Yes | ${{ secrets.ACCESS_TOKEN }} |
-r, --repo | Repository in format owner/repository | Yes | ${{ github.repository }} |
-c, --commit-id | Commit SHA to scan | Yes | ${{ github.sha }} |
-s, --service | VCS provider | Yes | github |
-o, --operation | Operation to perform (start or results ) | Yes | start or results |
-t, --timeout | Timeout in seconds for polling (default: 300) | No | 300 |
-p, --poll-interval | Poll interval in seconds (default: 15) | No | 15 |
-u, --base-url | Base URL for VCS service (optional) | No | https://github.com |
-t 600
(10 minutes)ACCESS_TOKEN
secret is correctly configured