From f0f77bb7a443dc5832b3b0977284da9d38a93d41 Mon Sep 17 00:00:00 2001
From: Atte Huhtakangas <atte.huhtakangas@gmail.com>
Date: Thu, 29 Feb 2024 16:53:16 +0000
Subject: [PATCH] ci: add coana reports

---
 .github/workflows/coana-analysis.yml | 36 ++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 .github/workflows/coana-analysis.yml

diff --git a/.github/workflows/coana-analysis.yml b/.github/workflows/coana-analysis.yml
new file mode 100644
index 00000000000..b9250fe3be8
--- /dev/null
+++ b/.github/workflows/coana-analysis.yml
@@ -0,0 +1,36 @@
+name: Coana Vulnerability Analysis
+
+on:
+  schedule:
+    - cron: "0 3 * * *" # every day at 3 AM
+  workflow_dispatch: # run manually
+
+jobs:
+  coana-vulnerability-analysis:
+    runs-on: ubuntu-latest
+    timeout-minutes: 120
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Enable corepack for Node
+        run: corepack enable
+
+      - name: Use Node.js 20
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+
+      - run: yarn install --frozen-lockfile
+      - run: yarn install --frozen-lockfile
+        working-directory: ./docs
+
+      - name: Run Coana CLI
+        id: coana-cli
+        uses: coana-tech/coana-action/vulnerability-analysis@stable
+        with:
+          apiKey: ${{ secrets.COANA_API_KEY_PUBLIC_REPOS }}
+          repoUrl: https://github.com/${{github.repository}}
+          debug: "true"
+          uploadReportArtifact: "true"