Integrate KubeClarity with Vulnetix. Generate CycloneDX or SPDX SBOMs from container images and scan them for vulnerabilities using Grype or Trivy. Upload to Vulnetix.
Go, CLI tool, CycloneDX, SPDX, JSON
Install & scan
# Download kubeclarity-cli binary
curl -sL https://github.com/openclarity/kubeclarity/releases/latest/download/kubeclarity-cli-linux-amd64 -o kubeclarity-cli
chmod +x kubeclarity-cli
sudo mv kubeclarity-cli /usr/local/bin/

# Generate SBOM (CycloneDX JSON)
ANALYZER_LIST="syft" kubeclarity-cli analyze --input-type image nginx:latest -o nginx.sbom
# Scan SBOM for vulnerabilities (Grype)
SCANNERS_LIST="grype" kubeclarity-cli scan nginx.sbom --input-type sbom
Run KubeClarity in CI
Scan on every push and upload the results to Vulnetix:
- name: Install kubeclarity-cli
  run: |
    curl -sL https://github.com/openclarity/kubeclarity/releases/latest/download/kubeclarity-cli-linux-amd64 -o kubeclarity-cli
    chmod +x kubeclarity-cli
- name: Generate SBOM and scan
  run: |
    ANALYZER_LIST="syft" ./kubeclarity-cli analyze --input-type image myapp:${{ github.sha }} -o myapp.sbom.json
    SCANNERS_LIST="grype" ./kubeclarity-cli scan myapp.sbom.json --input-type sbom
- name: Upload SBOM to Vulnetix
  run: vulnetix upload --file myapp.sbom.json
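Both install steps above fetch whatever `latest` resolves to and make it executable without an integrity check. As an added example (not from the KubeClarity or Vulnetix documentation), this script keeps a downloaded binary only if it matches a SHA-256 digest pinned in advance; the function names, the script name and the digest argument are assumptions, and the digest has to come from a release you have reviewed.

```shell
#!/bin/sh
# Added example, not project code: download a release binary and keep it
# only if its SHA-256 matches a value pinned in the repository or CI config.

# verify_sha256 FILE EXPECTED_HEX -> status 0 on match, 1 on mismatch or bad input
verify_sha256() {
  local file="$1" expected actual
  expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  # Reject anything that is not exactly 64 hex characters (e.g. an unset variable).
  case "$expected" in
    *[!0-9a-f]*|'') return 1 ;;
  esac
  [ "${#expected}" -eq 64 ] || return 1
  [ -f "$file" ] || return 1
  actual=$(sha256sum "$file" | cut -d' ' -f1)
  [ "$actual" = "$expected" ]
}

# fetch_verified URL EXPECTED_HEX DEST
fetch_verified() {
  local url="$1" expected="$2" dest="$3" tmp
  tmp=$(mktemp) || return 1
  # -f: fail on HTTP errors instead of saving the error page as the "binary"
  if ! curl -fsSL "$url" -o "$tmp"; then
    rm -f "$tmp"; echo "download failed: $url" >&2; return 1
  fi
  if ! verify_sha256 "$tmp" "$expected"; then
    rm -f "$tmp"; echo "checksum mismatch for $url" >&2; return 1
  fi
  # Only a verified file is made executable and moved into place.
  chmod +x "$tmp" && mv "$tmp" "$dest"
}

# Usage (hypothetical script name): ./fetch-verified.sh URL SHA256 DEST
if [ "$#" -eq 3 ]; then
  fetch_verified "$@"
fi
```

In the workflow, the install step would call this script with a version-pinned release URL instead of the `latest` redirect, so that the pinned digest stays valid between runs.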
Centralise KubeClarity results in Vulnetix
Upload KubeClarity CycloneDX, SPDX or JSON output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.