GitHub Actions CI Integration
Run automated security scans on every push or pull request with Scantient's CI endpoint. Fail your pipeline automatically if critical vulnerabilities are detected.
Quick Start
- Generate an API key in Settings → API Keys.
- Add it as a GitHub secret named `SCANTIENT_API_KEY`.
- Set your app URL as an environment variable or inline in the workflow.
- Add the workflow below to `.github/workflows/scantient.yml`.
```yaml
name: Scantient Security Scan
on: [push, pull_request]

env:
  # URL of the app to scan; replace with your own
  APP_URL: https://your-app.com

jobs:
  scantient:
    runs-on: ubuntu-latest
    steps:
      - name: Run Scantient Security Scan
        run: |
          # Submit the scan request and capture the JSON response
          RESULT=$(curl -s -X POST https://scantient.com/api/public/ci-scan \
            -H "X-API-Key: ${{ secrets.SCANTIENT_API_KEY }}" \
            -H "Content-Type: application/json" \
            -d '{"url": "${{ env.APP_URL }}", "failOn": "critical"}')
          echo "$RESULT" | jq .
          # Fail the job unless the response reports passed == true
          PASSED=$(echo "$RESULT" | jq -r '.passed')
          if [ "$PASSED" != "true" ]; then
            echo "Scantient scan failed — security issues detected"
            exit 1
          fi
```
CI Endpoint Reference
POST /api/public/ci-scan
Runs a full Scantient security scan. Returns HTTP 200 if passed, 422 if failed.
Request
```bash
curl -s -X POST https://scantient.com/api/public/ci-scan \
  -H "X-API-Key: vs_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://your-app.com", "failOn": "critical"}'
```
Response
```json
{
  "passed": true,
  "score": 87,
  "grade": "B",
  "findingsCount": 3,
  "criticalCount": 0,
  "highCount": 1,
  "mediumCount": 2,
  "summary": "1 HIGH, 2 MEDIUM findings detected",
  "findings": [...],
  "dashboardUrl": "https://scantient.com/apps/clx123..."
}
```
Security Badge
Add a Scantient security badge to your README to show your security score at a glance.
[](https://scantient.com)
Badge colors:
- Green: score ≥ 80
- Yellow: score 50–79
- Red: score < 50
Threshold Levels
| failOn value | Fails CI when | Recommended for |
|---|---|---|
| critical | Any CRITICAL finding exists | Default: all projects |
| high | Any HIGH or CRITICAL finding exists | Production-critical services |
| medium | Any MEDIUM, HIGH, or CRITICAL finding exists | High-compliance environments |
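A stricter gate for the workflow step, as an added example that is not Scantient's own code: it applies the Threshold Levels table to the count fields of the response and fails closed when the body is empty, malformed, or missing a field. The function name `gate` and the assumption that every response carries the count fields shown in the sample response are assumptions of this example; the sample input is constructed.

```python
import json

# Count fields that block the build for each failOn value (Threshold Levels table).
BLOCKING = {
    "critical": ("criticalCount",),
    "high": ("criticalCount", "highCount"),
    "medium": ("criticalCount", "highCount", "mediumCount"),
}


def gate(raw_body, fail_on="critical"):
    """Return (ok, reason). ok is True only when the response is well-formed,
    reports passed == true, and every blocking count for fail_on is zero."""
    if fail_on not in BLOCKING:
        return False, f"unknown failOn value: {fail_on!r}"
    try:
        body = json.loads(raw_body)
    except (TypeError, ValueError):
        return False, "response is not valid JSON"
    if not isinstance(body, dict):
        return False, "response is not a JSON object"
    # Require a real boolean: a missing field or the string "true" does not pass.
    if body.get("passed") is not True:
        return False, f"scan did not pass: {body.get('summary', 'no summary')}"
    for field in BLOCKING[fail_on]:
        count = body.get(field)
        # bool is a subclass of int in Python, so exclude it explicitly.
        if isinstance(count, bool) or not isinstance(count, int) or count < 0:
            return False, f"{field} missing or not a non-negative integer"
        if count > 0:
            return False, f"{field} is {count}, which blocks at failOn={fail_on}"
    return True, f"score {body.get('score')} grade {body.get('grade')}"


# Constructed sample, modelled on the response shown above (findings omitted).
SAMPLE = json.dumps({
    "passed": True, "score": 87, "grade": "B", "findingsCount": 3,
    "criticalCount": 0, "highCount": 1, "mediumCount": 2,
    "summary": "1 HIGH, 2 MEDIUM findings detected",
})

if __name__ == "__main__":
    for level in ("critical", "high", "medium"):
        print(level, gate(SAMPLE, level))
    print("empty body", gate("", "critical"))
```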