Integrate Vulnetix CLI into Tekton pipelines for cloud-native vulnerability scanning.
Add Vulnetix to Tekton
Create vulnetix-task.yaml and run the Vulnetix CLI in your Tekton pipeline. It collects SARIF, CycloneDX and SPDX artifacts automatically and uploads them for centralised vulnerability management:
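apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: vulnetix-scan
spec:
  steps:
    - name: scan
      image: golang:1.21
      env:
        # Organisation ID is read from a Kubernetes Secret, not hard-coded in the Task
        - name: VULNETIX_ORG_ID
          valueFrom:
            secretKeyRef:
              name: vulnetix-secrets
              key: org-id
      script: |
        # @latest resolves to the newest release at run time, so the CLI version is not pinned
        go install github.com/vulnetix/cli@latest
        vulnetix scan
        # Upload the SARIF report produced by the scan
        vulnetix upload --file reports/results.sarif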
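The Task above expects a Secret named vulnetix-secrets with the key org-id in the namespace where it runs. The following is an added example, not taken from the Vulnetix documentation, showing that Secret and a TaskRun that starts the scan; the namespace `ci`, the TaskRun name prefix, the timeout and the placeholder organisation ID are assumptions:

```yaml
# Secret consumed by the vulnetix-scan Task through secretKeyRef.
apiVersion: v1
kind: Secret
metadata:
  name: vulnetix-secrets        # must match secretKeyRef.name in the Task
  namespace: ci                 # assumption: namespace where the Task is installed
type: Opaque
stringData:
  org-id: "<YOUR_VULNETIX_ORG_ID>"   # placeholder, replace with your own value
---
# One-off run of the Task; Secrets are namespace-scoped, so it runs in the same namespace.
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  generateName: vulnetix-scan-run-   # assumption: any prefix works
  namespace: ci
spec:
  taskRef:
    name: vulnetix-scan         # the Task defined in vulnetix-task.yaml
  timeout: 15m                  # assumption: bounds a hung install or upload
```

Because the TaskRun uses generateName, submit it with `kubectl create -f` rather than `kubectl apply -f`.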
Why run Vulnetix in Tekton?
Every scan from every job lands in one queue, deduplicated and prioritised with EPSS, CISA KEV and Coalition ESS exploit intelligence — so your Tekton pipeline gates merges on what is actually exploitable, not raw scanner noise.