Create embold-scan.yml

AlfaizMomin · web-flow · commit ce360cfd876f · 2025-10-09T18:28:02.000+05:30
diff --git a/.github/workflows/embold-scan.yml b/.github/workflows/embold-scan.yml
@@ -0,0 +1,47 @@
+# .github/workflows/embold-scan.yml
+
+name: Embold Code Quality Scan
+
+# This workflow runs on every push to the 'main' branch
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+  workflow_dispatch: 
+
+jobs:
+  embold-scan:
+    # Use the latest version of Ubuntu to run the job
+    runs-on: ubuntu-latest
+
+    steps:
+      # Step 1: Check out your repository code so the workflow can access it
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      # Step 2: Download and extract the Embold scanner
+      - name: Download and Extract Scanner
+        run: |
+          curl https://v1.embold.io/nfs/CLI/browserstack-codequality-scanner.tar.gz -o browserstack-codequality-scanner-archive.tar.gz
+          tar xvf browserstack-codequality-scanner-archive.tar.gz
+
+      # Step 3: Download the repository configuration file using a secure token
+      - name: Download Repository Configuration
+        run: |
+          curl --silent --location --request GET "http://3.66.212.6:3000/api/v1/repositories/56767304e7891c4b5c593db9b9d7e7d8/scans/config/download" --header "Authorization: Bearer ${{ secrets.EMBOLD_SCAN_TOKEN }}" -o repository-configuration.json
+
+      # Step 4: Run the Embold analysis scanner
+      - name: Run Embold Scanner
+        env:
+          EMBOLD_TOKEN: ${{ secrets.EMBOLD_SCAN_TOKEN }}
+        run: |
+          ./browserstack-codequality-scanner/bin/embold-scanner analyse \
+            -u http://3.66.212.6:3000/ \
+            -t $EMBOLD_TOKEN \
+            -r 56767304e7891c4b5c593db9b9d7e7d8 \
+            -b . \
+            -d ./embold-data \
+            -c ./repository-configuration.json \
+            -l ./embold-log \
+            -sh ./embold-scanner-home
