# Integrating with the CI

Our CLI is built to be easily integrated as part of an organization's CI pipeline.

## GitHub Actions

If you're using GitHub actions then you can just incorporate Seal Security's own [GitHub action](https://github.com/seal-community/cli-action).

Just add it immediately after pulling the packages (for example with `npm install`) and before any other step:

```yaml
  name: seal cli
  uses: seal-community/cli-action@latest
  with:
    mode: fix
    fix_mode: all
    token: <token> # replace with a token to the artifact server
    project: <project-id> # replace with the ID of the project
```

Note that this will apply every possible fix. If you prefer to select which packages to seal, then depending on your workflow either:

* Use the local configuration and set `fix_mode: local`.
* Use the remote configuration and set `fix_mode: remote`.

## GitLab

Add a step immediately after pulling the packages (for example with `npm install`) and before any other step:

```yaml
  before_script:
    - curl -fsSL https://github.com/seal-community/cli/releases/download/${SEAL_CLI_VERSION}/seal-linux-amd64-${SEAL_CLI_VERSION}.zip -o seal.zip
    - unzip seal.zip
    - ./seal fix --mode all
  variables:
    SEAL_CLI_VERSION: latest
    SEAL_TOKEN: <token> # replace with a token to the artifact server
    SEAL_PROJECT: <project-id> # replace with the ID of the project
```

Note that this will apply every possible fix. If you prefer to select which packages to seal, then depending on your workflow either:

* Use the local configuration and set `--mode local` .
* Use the remote configuration and set `--mode remote`.

## Other CI Platforms

The CLI should be added as the step immediately after pulling the packages (for example with `npm install`) and before anything else.

The following example shows how to directly download the latest version of the CLI from a Linux terminal.

```bash
export SEAL_TOKEN=<token> # replace with a token to the artifact server
export SEAL_PROJECT=<project-id> # replace with the ID of the project
export SEAL_CLI_VERSION=latest
curl -fsSL https://github.com/seal-community/cli/releases/download/${SEAL_CLI_VERSION}/seal-linux-amd64-${SEAL_CLI_VERSION}.zip -o seal.zip
unzip seal.zip
./seal fix --mode all
```

Note that this will apply every possible fix. If you prefer to select which packages to seal, then depending on your workflow either:

* Use the local configuration and set `--mode local` .
* Use the remote configuration and set `--mode remote`.

## Docker

You can also use our CLI in a docker. The CLI should be added as the step immediately after pulling the packages (for example with `npm install`) and before anything else.

The following example shows how to directly download the latest version of the CLI from a Linux terminal and deploy it in a Dockerfile.

<pre class="language-docker"><code class="lang-docker"># Replace with a token for the artifact server
# Note: for a secure setup, we recommend using Build Secrets - https://docs.gitlab.com/ee/ci/build_secret/
ENV SEAL_TOKEN=&#x3C;token>
# Replace with the project ID
ENV SEAL_PROJECT=&#x3C;project-id>
# To avoid caching, add the line below and run the build with: `--build-arg SEAL_CACHE_BUST=$(date +%s)`
ARG SEAL_CACHE_BUST=0
# Download the CLI
ADD --chmod=755 https://github.com/seal-community/cli/releases/download/latest/seal-linux-amd64-latest?sealcache=${SEAL_CACHE_BUST} seal
<strong># Fix all of the vulnerabilities
</strong><strong>RUN ./seal fix --mode all --remove-cli
</strong></code></pre>

Note that this will apply every possible fix. If you prefer to select which packages to seal, then depending on your workflow either:

* Use the local configuration and set `--mode local` .
* Use the remote configuration and set `--mode remote`.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sealsecurity.io/fundamentals/cli/integrating-with-the-ci.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.