Skip to content

CodeAnt-AI/codeant-ci-scan-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 
codeantlogo.jpg
codeantlogo.jpg
 
 

Repository files navigation

CodeAnt Logo

CodeAnt CI Scan Action

A GitHub Action to run CodeAnt CI security and code quality analysis on your repository.

Features

  • 🛡️ Automated security and code quality scanning
  • 🔍 Deep code analysis and vulnerability detection
  • 📊 Detailed reports and insights
  • ⚡ Fast and easy integration

Usage

Basic Usage

Add this action to your workflow:

name: CodeAnt CI Scan

on:
  push:
    branches: [ "main" ]
  pull_request:
    branches: [ "main" ]

jobs:
  codeant_scan:
    name: Run CodeAnt CI scan
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Run CodeAnt CI Scan
        uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.6
        with:
          access_token: ${{ secrets.ACCESS_TOKEN_GITHUB }}

Advanced Usage

Customize the scan with additional options:

- name: Run CodeAnt CI Scan
  uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.6
  with:
    access_token: ${{ secrets.ACCESS_TOKEN_GITHUB }}
    api_base: 'https://api.codeant.ai'
    include_paths: 'src/,lib/'
    exclude_paths: 'test/,docs/'
    scan_timeout: '600'
    scanners: 'sast,sca,secrets'

Inputs

Input Description Required Default
access_token CodeAnt access token (PAT or repository token) Yes -
api_base CodeAnt API base URL No https://api.codeant.ai
include_paths Comma-separated paths to include in scan No '' (all files)
exclude_paths Comma-separated paths to exclude from scan No '' (none)
scan_timeout Scan timeout in seconds No 300
scanners Security scanners to run No sast,sca

Scanner Options

The scanners parameter allows you to customize which security scanners run during analysis:

  • sast - Static Application Security Testing (code vulnerabilities)
  • sca - Software Composition Analysis (dependency vulnerabilities)
  • secrets - Secret detection (API keys, passwords, tokens)
  • antipatterns - Code quality and duplicate code detection
  • iac - Infrastructure as Code security (Terraform, CloudFormation, etc.)
  • all - Run all available scanners

Default: If not specified, runs sast,sca

Scanner Examples

Run all scanners:

- uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.6
  with:
    access_token: ${{ secrets.ACCESS_TOKEN_GITHUB }}
    scanners: 'all'

Run specific scanners:

- uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.6
  with:
    access_token: ${{ secrets.ACCESS_TOKEN_GITHUB }}
    scanners: 'sast,secrets,iac'

Setup

1. Get Your CodeAnt Access Token

  1. Sign up or log in to CodeAnt
  2. Navigate to your account settings
  3. Generate a new access token
  4. Copy the token

2. Add Token to GitHub Secrets

  1. Go to your repository's Settings
  2. Navigate to Secrets and variables → Actions
  3. Click "New repository secret"
  4. Name: ACCESS_TOKEN_GITHUB
  5. Value: Paste your CodeAnt access token
  6. Click "Add secret"

3. Create Workflow File

Create .github/workflows/codeant-scan.yml in your repository with the usage example above.

Supported Events

This action works with any GitHub event that provides commit information:

  • push
  • pull_request
  • workflow_dispatch
  • schedule

Example Workflows

Scan on Push and Pull Request

name: CodeAnt CI Scan

on:
  push:
    branches: [ "main", "develop" ]
  pull_request:
    branches: [ "main" ]

jobs:
  codeant_scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.6
        with:
          access_token: ${{ secrets.ACCESS_TOKEN_GITHUB }}

Scheduled Daily Scan

name: Daily CodeAnt Scan

on:
  schedule:
    - cron: '0 2 * * *'  # Run at 2 AM UTC daily

jobs:
  codeant_scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.6
        with:
          access_token: ${{ secrets.ACCESS_TOKEN_GITHUB }}

Scan Specific Directories

- uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.6
  with:
    access_token: ${{ secrets.ACCESS_TOKEN_GITHUB }}
    include_paths: 'src/,backend/'
    exclude_paths: 'src/tests/,backend/vendor/'

Custom Timeout Configuration

Configure a longer timeout for large repositories:

- uses: CodeAnt-AI/codeant-ci-scan-action@v0.0.6
  with:
    access_token: ${{ secrets.ACCESS_TOKEN_GITHUB }}
    scan_timeout: '900'  # 15 minutes (default: 300 seconds / 5 minutes)

Troubleshooting

Authentication Errors

  • Ensure your ACCESS_TOKEN_GITHUB is correctly set in repository secrets
  • Verify the token hasn't expired
  • Check that the token has the necessary permissions

Scan Failures

  • Verify your repository is accessible
  • Check that the API base URL is correct
  • Review the action logs for specific error messages

Timeout Issues

  • If scans are timing out, increase the scan_timeout value (default: 300 seconds)
  • For large repositories, consider setting scan_timeout: '900' or higher
  • Check network connectivity if timeouts persist

Support

License

This project is licensed under the MIT License - see the LICENSE file for details.

About CodeAnt

CodeAnt provides automated code analysis and security scanning to help developers build secure, high-quality software. Visit codeant.ai to learn more.

About

Trigger CodeAnt AI static analysis scan on your repository

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases 4

Scanners Latest
Dec 18, 2025
+ 3 releases

Packages

 
 
 

Contributors