Add security scanning to your deployment pipeline. Fail builds when security drops below your threshold.
Copyname: Security Audit
on: [push, pull_request]
jobs:
security-scan:
runs-on: ubuntu-latest
steps:
- name: Run Security Audit
run: |
RESULT=$(curl -sf -H "X-API-Key: ${{ secrets.AUDIT_API_KEY }}" "https://scan.leddconsulting.com/api/check?url=${{ secrets.SITE_URL }}&min=70")
PASS=$(echo "$RESULT" | jq -r '.pass')
SCORE=$(echo "$RESULT" | jq -r '.score')
GRADE=$(echo "$RESULT" | jq -r '.grade')
echo "Score: $SCORE/100 (Grade: $GRADE)"
if [ "$PASS" != "true" ]; then
echo "::error::Security score $SCORE is below threshold 70"
exit 1
fiCopysecurity-audit:
stage: test
image: alpine/curl
script:
- apk add --no-cache jq
- >
RESULT=$(curl -sf -H "X-API-Key: $AUDIT_API_KEY" "https://scan.leddconsulting.com/api/check?url=$SITE_URL&min=70")
- PASS=$(echo "$RESULT" | jq -r '.pass')
- SCORE=$(echo "$RESULT" | jq -r '.score')
- echo "Security Score: $SCORE/100"
- '[ "$PASS" = "true" ] || exit 1'Copy#!/bin/bash
# Security gate โ fails if score < threshold
AUDIT_API_KEY=YOUR_API_KEY
RESULT=$(curl -sf -H "X-API-Key: $AUDIT_API_KEY" "https://scan.leddconsulting.com/api/check?url=https://your-site.com&min=70")
PASS=$(echo "$RESULT" | jq -r '.pass')
SCORE=$(echo "$RESULT" | jq -r '.score')
echo "Security: $SCORE/100 โ $([ "$PASS" = "true" ] && echo "PASS" || echo "FAIL")"
[ "$PASS" = "true" ] || exit 1