4nk/4NK_template
Template
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4NK_template/scripts/agents/security_agent.sh

38 lines
1.4 KiB
Bash
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/usr/bin/env bash
set -euo pipefail
TARGET_DIR="${1:-.}"
OUTPUT_DIR="${2:-tests/reports/agents}"
mkdir -p "$OUTPUT_DIR"
SUMMARY_FILE="$OUTPUT_DIR/security_agent.md"
source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true
echo "# Agent Sécurité" > "$SUMMARY_FILE"
echo >> "$SUMMARY_FILE"
pushd "$TARGET_DIR" >/dev/null
if [[ "$SCOPE" == "changed" ]]; then
relevant=(scripts/security/audit.sh .gitea/workflows/ci.yml docs/SECURITY_AUDIT.md)
any=0; for p in "${relevant[@]}"; do if [[ -e "$p" ]] && is_path_changed "$p"; then any=1; break; fi; done
if [[ $any -eq 0 ]]; then echo "- Aucun changement sécurité pertinent (SCOPE=changed)." >> "$SUMMARY_FILE"; echo "Rapport: $SUMMARY_FILE"; popd >/dev/null; exit 0; fi
fi
echo "## Résultats locaux" >> "$SUMMARY_FILE"
if [[ -x scripts/security/audit.sh ]]; then
if scripts/security/audit.sh >> "$SUMMARY_FILE" 2>&1; then
echo "- Audit sécurité scripté exécuté (voir détails cidessus)." >> "$SUMMARY_FILE"
else
echo "- Audit a signalé des problèmes (cidessus)." >> "$SUMMARY_FILE"
fi
else
echo "- scripts/security/audit.sh introuvable ou non exécutable." >> "$SUMMARY_FILE"
fi
PROMPT=$(cat <<'EOF'
À partir dun dépôt template, propose 5 contrôles sécurité CI/CD additionnels (secrets, permissions, dépendances, scans) et un ordre de priorité.
EOF
)
scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true
echo "Rapport: $SUMMARY_FILE"
popd >/dev/null
Reference in New Issue View Git Blame Copy Permalink