Integrate Vulnetix CLI into Harness CI for automated vulnerability scanning.
Add Vulnetix to Harness CI
Create .harness/pipeline.yaml and run the Vulnetix CLI in your Harness CI pipeline. It collects SARIF, CycloneDX and SPDX artifacts automatically and uploads them for centralised vulnerability management:
pipeline:
stages:
- stage:
name: Security
type: CI
spec:
execution:
steps:
- step:
type: Run
name: Vulnetix Scan
spec:
shell: Bash
command: |
curl -fsSL https://raw.githubusercontent.com/vulnetix/cli/main/install.sh | sh
export PATH=$PATH:$HOME/.local/bin
vulnetix scan
vulnetix upload --file reports/results.sarif
Why run Vulnetix in Harness CI?
Every scan from every job lands in one queue, deduplicated and prioritised with EPSS, CISA KEV and Coalition ESS exploit intelligence — so your Harness CI pipeline gates merges on what is actually exploitable, not raw scanner noise.