
Commit c1b96a8

authored
workflow
1 parent a5849f1 commit c1b96a8


1 file changed

+75
-0
lines changed


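--- a/.github/workflows/qg.yaml
+++ b/.github/workflows/qg.yaml
@@ -0,0 +1,75 @@
+name: Quality Gate Scan
+
+on:
+push:
+branches:
+- '**'
+
+permissions:
+contents: read
+
+jobs:
+quality-gate:
+name: Quality Gate Scan
+runs-on: ubuntu-latest
+environment: ${{ (github.ref == 'refs/heads/dev' || github.ref == 'refs/heads/main') && 'production' || 'test' }}
+steps:
+- name: Checkout
+uses: actions/checkout@v4
+
+- name: Fetch quality gates script
+env:
+API_BASE: https://api.codeant.ai
+run: |
+curl -sS -X GET "${API_BASE}/analysis/ci/quality-gates/script/get" \
+--output quality_gates.sh.b64
+
+- name: Make script executable
+run: |
+base64 -d quality_gates.sh.b64 > quality_gates.sh
+chmod +x quality_gates.sh
+
+- name: Start Quality Gate Scan
+id: start-scan
+env:
+ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN_GITHUB }}
+REPO_NAME: ${{ github.repository }}
+COMMIT_ID: ${{ github.sha }}
+run: |
+echo "Starting quality gate scan..."
+./quality_gates.sh \
+-a "$ACCESS_TOKEN" \
+-r "$REPO_NAME" \
+-c "$COMMIT_ID" \
+-s github \
+-o start
+echo "Quality gate scan initiated successfully"
+
+- name: Poll for Quality Gate Results
+id: poll-results
+env:
+ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN_GITHUB }}
+REPO_NAME: ${{ github.repository }}
+COMMIT_ID: ${{ github.sha }}
+run: |
+echo "Polling for quality gate results..."
+./quality_gates.sh \
+-a "$ACCESS_TOKEN" \
+-r "$REPO_NAME" \
+-c "$COMMIT_ID" \
+-s github \
+-o results \
+-t 300 \
+-p 15
+
+- name: Quality Gate Status
+if: always()
+run: |
+if [ "${{ job.status }}" = "success" ]; then
+echo "✅ Quality Gate PASSED - No secrets detected"
+echo "::notice title=Quality Gate::Quality gate passed successfully"
+else
+echo "❌ Quality Gate FAILED - Secrets detected or scan error"
+echo "::error title=Quality Gate::Quality gate failed - please review the detected issues"
+exit 1
+fi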
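Review bot: The "Fetch quality gates script" step downloads a script from `${API_BASE}` at run time and the "Start" and "Poll" steps then execute it with the `ACCESS_TOKEN_GITHUB` secret in scope, but nothing verifies what was downloaded. Whatever that endpoint serves is decoded, marked executable and handed the token on every push to every branch; `curl -sS` without `--fail` also exits 0 on an HTTP error response, so a failed fetch is only caught incidentally at the `base64 -d` step. I would add `--fail` to the curl call and check a digest pinned in the repository before decoding, e.g. `echo "${QG_SCRIPT_SHA256}  quality_gates.sh.b64" | sha256sum -c -` (`QG_SCRIPT_SHA256` is a placeholder name for a value reviewed into the workflow). Separately, `actions/checkout@v4` is a mutable tag; pinning it to a full commit SHA would close the same gap for the action.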
