Update Nightly Scan Workflow

[derekmisler]

Overview

This PR makes several updates to the nightly scan workflow (.github/workflows/nightly-scan.yml) to improve reliability, correct scheduling, and satisfy YAML linting requirements.

Changes Summary

Cron Schedule Update

• The scheduled workflow time has been updated from 6am UTC to 2am UTC.
• This is reflected by changing the cron expression from:

Workflow Input Description Quote Standardization

• Updated the input description for the dry-run option to use double quotes for consistency.

Job Timeout Addition

• A job-level timeout (timeout-minutes: 30) has been added to the scan job. This prevents the job from running indefinitely if something goes wrong.

Prompt Expression Fix to Satisfy YAML Linter

• The prompt input for the docker/cagent-action step was triggering YAML linter errors due to nested mappings and incorrect type expectations.
• The expression has been wrapped in double quotes, and bracket notation is now used for the hyphenated property name:

Testing

• The changes have been validated locally via the IDE's YAML linter.
• The updated cron expression and timeout addition have been deployed to ensure the workflow runs as expected.
• The prompt expression now parses correctly, resolving the linter's concerns regarding nested mappings and type expectations.

[derekmisler]

We have a yaml linter in cagent-action that runs in CI, I wonder if it's a good idea here, too

[github-actions]

Review Summary

✅ No issues found in the changed code.

This PR makes several legitimate improvements to the nightly scan workflow:

• Cron schedule update: Changes the scheduled run time from 6am to 2am UTC
• Timeout addition: Adds a sensible 30-minute timeout to prevent indefinite runs
• Input reference fix: Corrects the syntax from inputs.dry-run (dot notation, which doesn't work with hyphenated names) to inputs['dry-run'] (bracket notation, which is the correct approach for accessing workflow inputs with hyphens in GitHub Actions)
• Quote standardization: Updates quotes for consistency

All changes are syntactically correct and the bracket notation fix actually resolves a latent bug in the original code where the dry-run input would not have been properly evaluated.

[krissetto]

We have a yaml linter in cagent-action that runs in CI, I wonder if it's a good idea here, too

@derekmisler We could integrate one into the task lint command which already runs in CI, extending it for linting workflows etc as well. WDYT?

[derekmisler]

We have a yaml linter in cagent-action that runs in CI, I wonder if it's a good idea here, too

@derekmisler We could integrate one into the task lint command which already runs in CI, extending it for linting workflows etc as well. WDYT?

Lets do it!

[Pnkcaht]

@derekmisler @krissetto If there's anything I can help with, let me know

[krissetto]

we got it thanks