Integrate Vulnetix CLI into Spacelift for infrastructure security scanning.
Add Vulnetix to Spacelift
Create .spacelift/vulnetix.sh and run the Vulnetix CLI in your Spacelift pipeline. It collects SARIF, CycloneDX and SPDX artifacts automatically and uploads them for centralised vulnerability management:
#!/bin/bash # Spacelift before_init hook curl -fsSL https://raw.githubusercontent.com/vulnetix/cli/main/install.sh | sh export PATH=$PATH:$HOME/.local/bin vulnetix scan vulnetix upload --file reports/results.sarif
Why run Vulnetix in Spacelift?
Every scan from every job lands in one queue, deduplicated and prioritised with EPSS, CISA KEV and Coalition ESS exploit intelligence — so your Spacelift pipeline gates merges on what is actually exploitable, not raw scanner noise.