Run Vulnetix CLI with Podman for rootless, daemonless container security scanning. SELinux context labeling and secure volume mounting.
Add Vulnetix to Podman
Create podman run and run the Vulnetix CLI in your Podman pipeline. It collects SARIF, CycloneDX and SPDX artifacts automatically and uploads them for centralised vulnerability management:
podman run --rm \ -v $(pwd):/workspace:Z \ -v $(pwd)/reports:/reports:Z \ -w /workspace \ -e VULNETIX_ORG_ID \ vulnetix/vulnetix:latest \ scan podman run --rm \ -v $(pwd)/reports:/reports:Z \ -e VULNETIX_ORG_ID \ vulnetix/vulnetix:latest \ upload --file /reports/results.sarif
Why run Vulnetix in Podman?
Every scan from every job lands in one queue, deduplicated and prioritised with EPSS, CISA KEV and Coalition ESS exploit intelligence — so your Podman pipeline gates merges on what is actually exploitable, not raw scanner noise.