sharang/compliance-scanner-agent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: added vite-press docs (#4)
All checks were successful
CI / Clippy (push) Successful in 3m17s
Details
CI / Security Audit (push) Successful in 1m36s
Details
CI / Format (push) Successful in 2s
Details
CI / Tests (push) Successful in 4m38s
Details

Browse Source 
Co-authored-by: Sharang Parnerkar <parnerkarsharang@gmail.com>
Reviewed-on: #4
This commit was merged in pull request #4.
This commit is contained in:
Sharang Parnerkar
2026-03-08 13:59:50 +00:00
parent 65abc55915
commit 7e12d1433a
30 changed files with 4101 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
docs/guide/repositories.md Normal file
View File

@@ -0,0 +1,62 @@
# Adding Repositories
Repositories are the core resource in Compliance Scanner. Each tracked repository is scanned on a schedule and its results are available across all features.
## Adding a Repository
1. Navigate to **Repositories** in the sidebar
2. Click **Add Repository** at the top of the page
3. Fill in the form:
- **Name** — A display name for the repository
- **Git URL** — The clone URL (HTTPS or SSH), e.g. `https://github.com/org/repo.git`
- **Default Branch** — The branch to scan, e.g. `main` or `master`
4. Click **Add**
The repository appears in the list immediately. It will not be scanned until you trigger a scan manually or the next scheduled scan runs.
::: tip
For private repositories, configure a GitHub token (`GITHUB_TOKEN`) or GitLab token (`GITLAB_TOKEN`) in your environment. The agent uses these tokens when cloning.
:::
## Repository List
The repositories page shows all tracked repositories with:
| Column | Description |
|--------|-------------|
| Name | Repository display name |
| Git URL | Clone URL |
| Branch | Default branch being scanned |
| Findings | Total number of security findings |
| Last Scanned | Relative timestamp of the most recent scan |
## Triggering a Scan
Click the **Scan** button on any repository row to trigger an immediate scan. The scan runs in the background through all phases (clone, SAST, SBOM, CVE, graph). You can monitor progress on the Overview page under recent scan runs.
## Deleting a Repository
Click the **Delete** button on a repository row. A confirmation dialog appears warning that this action permanently removes:
- All security findings
- SBOM entries and vulnerability data
- Scan run history
- Code graph data
- Embedding vectors (for AI chat)
- CVE alerts
This action cannot be undone.
## Automatic Scanning
Repositories are scanned automatically on a schedule configured by the `SCAN_SCHEDULE` environment variable (cron format). The default is every 6 hours:
```
SCAN_SCHEDULE=0 0 */6 * * *
```
CVE monitoring runs on a separate schedule (default: daily at midnight):
```
CVE_MONITOR_SCHEDULE=0 0 0 * * *
```