Integrate Vulnetix CLI into Gitea Actions workflows (GitHub Actions compatible) for vulnerability scanning.
Add Vulnetix to Gitea Actions
Create .gitea/workflows/vulnetix.yml and run the Vulnetix CLI in your Gitea Actions pipeline. It collects SARIF, CycloneDX and SPDX artifacts automatically and uploads them for centralised vulnerability management:
name: Vulnetix
on: [push, pull_request]
jobs:
vulnetix:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: |
curl -fsSL https://raw.githubusercontent.com/vulnetix/cli/main/install.sh | sh
export PATH=$PATH:$HOME/.local/bin
vulnetix scan
vulnetix upload --file reports/results.sarif
env:
VULNETIX_ORG_ID: ${{ secrets.VULNETIX_ORG_ID }}
Why run Vulnetix in Gitea Actions?
Every scan from every job lands in one queue, deduplicated and prioritised with EPSS, CISA KEV and Coalition ESS exploit intelligence — so your Gitea Actions pipeline gates merges on what is actually exploitable, not raw scanner noise.