Run Vulnetix CLI as Argo Workflow steps for Kubernetes-native vulnerability scanning.
Add Vulnetix to Argo Workflows
Create vulnetix-workflow.yaml and run the Vulnetix CLI in your Argo Workflows pipeline. It collects SARIF, CycloneDX and SPDX artifacts automatically and uploads them for centralised vulnerability management:
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
name: vulnetix-scan
spec:
entrypoint: scan
templates:
- name: scan
container:
image: golang:1.21
command: [bash, -c]
args:
- |
go install github.com/vulnetix/cli@latest
vulnetix scan
vulnetix upload --file reports/results.sarif
env:
- name: VULNETIX_ORG_ID
valueFrom:
secretKeyRef:
name: vulnetix-secrets
key: org-id
Why run Vulnetix in Argo Workflows?
Every scan from every job lands in one queue, deduplicated and prioritised with EPSS, CISA KEV and Coalition ESS exploit intelligence — so your Argo Workflows pipeline gates merges on what is actually exploitable, not raw scanner noise.