Add CLAUDE.md for ast-github-action (AST-146802)

[cx-atish-jadhav]

By submitting a PR to this repository, you agree to the terms within the Checkmarx Code of Conduct. Please see the contributing guidelines for how to create and submit a high-quality PR for this repo.

Description

Adds a standardized Cloud.md (CLAUDE.md) file for the ast-github-action repository, following the Cloud MD standardization template defined in epic AST-146802.

This file serves as a comprehensive project context document covering:

• Project overview and key capabilities
• Architecture diagram (Docker container + modular shell scripts)
• Repository structure breakdown
• Technology stack (Bash, Docker, Checkmarx CLI v2.3.47)
• Development setup and local testing instructions
• Coding standards and project rules
• Testing strategy (CI integration test scenarios)
• Action inputs/outputs reference
• Debugging steps and known patterns

References

• Epic: AST-146802
• Related: Cloud.md standardization across Checkmarx integration repos

Testing

This is a documentation-only change (single markdown file addition)
No functional code is modified — no runtime impact
Verified the file content accurately reflects the current repository structure, scripts, Dockerfile, action.yml inputs/outputs, and CI workflow.

Checklist

• I have added documentation for new/changed functionality in this PR (if applicable).
• All active GitHub checks for tests, formatting, and security are passing
• The correct base branch is being used

[github-actions]

Checkmarx One – Scan Summary & Details – c5735970-cd5a-4e31-8278-8855e4f106ca

---

Policy Management Violations (1)

Policy Name	Rule(s)	Break Build
Commercial packages		true

[cx-anand-nandeshwar]

Claude.md file review comments

Missing Content - API / Endpoints / Interfaces

• Although it's an Action, it interfaces with the Checkmarx One API.
• Document the primary integration point: the cx CLI communicating with the base_uri (AST Portal URL).
• Mention the dependency on the Checkmarx One platform availability.

Missing Content - Logging

• Logging section is missing: Add a section explaining how logging works.
• Mention that CLI output is captured in output.log and then passed to GITHUB_OUTPUT (cxcli).
• Explain that standard output is streamed to the GitHub Action logs for real-time monitoring.

Security & Access Enhancements

• Masking Secrets: Add a point about ensuring secrets are masked in the GitHub logs (though GitHub does this automatically, the documentation should mandate the use of ::add-mask:: if any secrets were handled manually).