diff --git a/.github/workflows/recipe-security-scanner.yml b/.github/workflows/recipe-security-scanner.yml index ac0250da16..7eefc76487 100644 --- a/.github/workflows/recipe-security-scanner.yml +++ b/.github/workflows/recipe-security-scanner.yml @@ -129,7 +129,7 @@ jobs: - name: Scan all recipe files if: steps.find_recipes.outputs.has_recipes == 'true' && steps.recipe_changes.outputs.recipe_files_changed == 'true' env: - ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + SECURITY_SCANNER_ANTHROPIC_API_KEY: ${{ secrets.SECURITY_SCANNER_ANTHROPIC_API_KEY }} TRAINING_DATA_LOW: ${{ secrets.TRAINING_DATA_LOW }} TRAINING_DATA_MEDIUM: ${{ secrets.TRAINING_DATA_MEDIUM }} TRAINING_DATA_EXTREME: ${{ secrets.TRAINING_DATA_EXTREME }} @@ -142,7 +142,7 @@ jobs: sudo chmod -R 777 "$OUT" || true # Verify secrets are available (without logging details) - if [ -z "$ANTHROPIC_API_KEY" ] || [ -z "$TRAINING_DATA_LOW" ] || [ -z "$TRAINING_DATA_MEDIUM" ] || [ -z "$TRAINING_DATA_EXTREME" ]; then + if [ -z "$SECURITY_SCANNER_ANTHROPIC_API_KEY" ] || [ -z "$TRAINING_DATA_LOW" ] || [ -z "$TRAINING_DATA_MEDIUM" ] || [ -z "$TRAINING_DATA_EXTREME" ]; then echo "❌ One or more required secrets are missing or inaccessible" exit 1 fi @@ -166,7 +166,7 @@ jobs: # Run scanner on this recipe with training data if docker run --rm \ - -e ANTHROPIC_API_KEY="$ANTHROPIC_API_KEY" \ + -e SECURITY_SCANNER_ANTHROPIC_API_KEY="$SECURITY_SCANNER_ANTHROPIC_API_KEY" \ -e TRAINING_DATA_LOW="$TRAINING_DATA_LOW" \ -e TRAINING_DATA_MEDIUM="$TRAINING_DATA_MEDIUM" \ -e TRAINING_DATA_EXTREME="$TRAINING_DATA_EXTREME" \