Buildkite Integration Guide

Security scanning in Buildkite pipelines

Integrate Vulnetix CLI into Buildkite pipelines for automated vulnerability scanning.

Add Vulnetix to Buildkite

Create .buildkite/pipeline.yml and add a step that installs and runs the Vulnetix CLI. The CLI collects SARIF, CycloneDX and SPDX artifacts automatically and uploads them for centralised vulnerability management:

steps:
  - label: ":shield: Vulnetix Security Scan"
    command:
      - curl -fsSL https://raw.githubusercontent.com/vulnetix/cli/main/install.sh | sh
      - export PATH=$$PATH:$$HOME/.local/bin
      - vulnetix scan
      - vulnetix upload --file reports/results.sarif
    env:
      VULNETIX_ORG_ID: "{{VULNETIX_ORG_ID}}"
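
The step above pipes install.sh from the mutable main branch straight into sh. As an added example (not Vulnetix's own code), the helper below fetches the installer at a fixed commit and runs it only if its SHA-256 matches a digest you recorded after reviewing the script; the function names and the commit and digest arguments are assumptions, not values from this page.

```shell
#!/usr/bin/env bash
# Added example: pin and verify the Vulnetix installer before running it.
# The commit and digest arguments are placeholders you record yourself after
# reviewing install.sh; they are not values published on this page.

# Print the SHA-256 of a file using whichever tool the agent has.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Return 0 on match, 1 on digest mismatch, 2 on bad input.
verify_sha256() {
  local file="$1" expected="$2" actual
  [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
  # Reject anything that is not 64 hex digits (e.g. an unset variable).
  case "$expected" in
    *[!0-9a-fA-F]*|"") echo "bad expected digest" >&2; return 2 ;;
  esac
  [ "${#expected}" -eq 64 ] || { echo "bad expected digest" >&2; return 2; }
  actual="$(sha256_of "$file")" || return 2
  expected="$(printf '%s' "$expected" | tr 'A-F' 'a-f')"
  if [ "$actual" != "$expected" ]; then
    echo "installer digest mismatch: got $actual" >&2
    return 1
  fi
}

# Download install.sh at a fixed commit, verify it, then execute it.
install_vulnetix_pinned() {
  local commit="$1" expected="$2" tmp rc=1
  tmp="$(mktemp)" || return 2
  curl -fsSL -o "$tmp" \
    "https://raw.githubusercontent.com/vulnetix/cli/${commit}/install.sh" \
    || { rm -f "$tmp"; return 2; }
  if verify_sha256 "$tmp" "$expected"; then
    sh "$tmp" && rc=0 || rc=$?
  fi
  rm -f "$tmp"
  return "$rc"
}
```

In the pipeline step, source this file and call `install_vulnetix_pinned "<COMMIT_SHA>" "<SHA256>"` in place of the `curl ... | sh` line.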

Why run Vulnetix in Buildkite?

Every scan from every job lands in one queue, deduplicated and prioritised with EPSS, CISA KEV and Coalition ESS exploit intelligence — so your Buildkite pipeline gates merges on what is actually exploitable, not raw scanner noise.