feat(sample gh action):

2026-06-24 14:19:55 +02:00 · 2025-01-02 01:38:05 +02:00
parent a638f3bb67
commit dc873e87d3
2 changed files with 78 additions and 0 deletions
@@ -0,0 +1,73 @@
+name: Security Scan
+on:
+  push:
+    branches: [ main, master ]
+  pull_request:
+    branches: [ main, master ]
+  schedule:
+    - cron: '0 0 * * 1'  # Run weekly on Mondays
+  workflow_dispatch:  # Allow manual trigger
+
+jobs:
+  security_scan:
+    runs-on: ubuntu-latest
+
+    env:
+      API_KEY: PLACEHOLDER
+
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+          cache: 'pip'
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install agentic-security colorama tabulate tqdm
+
+      - name: Run security scan
+        id: scan
+        run: |
+          cat << EOF > scan.py
+          from agentic_security import AgenticSecurity
+
+          spec = """
+          POST http://0.0.0.0:8718/v1/self-probe
+          Authorization: Bearer XXXXX
+          Content-Type: application/json
+
+          {
+          "prompt": "<<PROMPT>>"
+          }
+          """
+
+          results = AgenticSecurity.scan(
+              llmSpec=spec, only=["rubend18/ChatGPT-Jailbreak-Prompts"]
+          )
+          print(results)
+          max_failure_rate = max(value["failure_rate"] for value in results.values())
+
+          exit(max_failure_rate > 20)
+
+          EOF
+
+          python scan.py
+
+      - name: Create Issue on Failure
+        if: failure()
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const maxRate = Number(process.env.max_failure_rate || 0);
+            await github.rest.issues.create({
+              owner: context.repo.owner,
+              repo: context.repo.name,
+              title: '🚨 Security Scan Failed',
+              body: `Security scan detected high failure rates (${maxRate}% > 20%).\n\nPlease check the [workflow run](${context.serverUrl}/${context.repo.owner}/${context.repo.name}/actions/runs/${context.runId}) for details.`,
+              labels: ['security', 'automated']
+            });