Add security scanning to your deployment pipeline. Fail builds when security drops below your threshold.
Copyname: Security Audit
on: [push, pull_request]
jobs:
security-scan:
runs-on: ubuntu-latest
steps:
- name: Run Security Audit
run: |
RESULT=$(curl -sf "https://audit.metaltorque.dev/api/check?url=${{ secrets.SITE_URL }}&min=70&apiKey=${{ secrets.AUDIT_API_KEY }}")
PASS=$(echo "$RESULT" | jq -r '.pass')
SCORE=$(echo "$RESULT" | jq -r '.score')
GRADE=$(echo "$RESULT" | jq -r '.grade')
echo "Score: $SCORE/100 (Grade: $GRADE)"
if [ "$PASS" != "true" ]; then
echo "::error::Security score $SCORE is below threshold 70"
exit 1
fiCopysecurity-audit:
stage: test
image: alpine/curl
script:
- apk add --no-cache jq
- >
RESULT=$(curl -sf "https://audit.metaltorque.dev/api/check?url=$SITE_URL&min=70&apiKey=$AUDIT_API_KEY")
- PASS=$(echo "$RESULT" | jq -r '.pass')
- SCORE=$(echo "$RESULT" | jq -r '.score')
- echo "Security Score: $SCORE/100"
- '[ "$PASS" = "true" ] || exit 1'Copy#!/bin/bash
# Security gate โ fails if score < threshold
RESULT=$(curl -sf "https://audit.metaltorque.dev/api/check?url=https://your-site.com&min=70&apiKey=YOUR_API_KEY")
PASS=$(echo "$RESULT" | jq -r '.pass')
SCORE=$(echo "$RESULT" | jq -r '.score')
echo "Security: $SCORE/100 โ $([ "$PASS" = "true" ] && echo "PASS" || echo "FAIL")"
[ "$PASS" = "true" ] || exit 1