User Guide
  • Fundamentals
    • Quick Start Guide
      • Signing Up
      • Package Discovery
        • Connecting to GitHub
        • Connecting to GitLab
        • Connecting to Azure DevOps
        • Connecting to the CI Pipeline
        • Connecting to the Artifact Server
      • Package Sealing
        • Integrating the CLI in the CI
        • Editing Dependencies
    • Deployments
      • Choosing Your Deployment
      • Automatic Remediation
      • Remote Configuration
      • Local Configuration
      • Artifact Server
    • CLI
      • Download and Installation
      • Scanning
      • Fixing All Dependencies
      • Fixing Specific Dependencies
      • Fixing OS Vulnerabilities
      • Integrating with the CI
      • Uploading Scan Results
      • Commands
      • SCA Integrations
      • JFrog Integration
      • Usage Examples
        • Sealing Application Dependencies
        • Sealing Linux Environments
    • Artifact Server
      • Generating a Token
      • Artifact Server Ordering
      • Configuring the Package Manager
        • Configuring apk
        • Configuring Composer
        • Configuring Go
        • Configuring Gradle
        • Configuring Maven
        • Configuring npm
        • Configuring pip
        • Configuring Poetry
        • Configuring yarn
        • Configuring yum
      • Clearing the Cache
      • Editing Your Dependencies
    • Web Interface
      • Rules Screen
  • APIs
    • List Vulnerable Packages
  • FAQ
  • Vulnerability Disclosure
Powered by GitBook
On this page
  1. Fundamentals
  2. Quick Start Guide
  3. Package Discovery

Connecting to the CI Pipeline

PreviousConnecting to Azure DevOpsNextConnecting to the Artifact Server

Last updated 5 months ago

As an alternative to integrating with your source control, the Seal platform can also identify your existing vulnerabilities by integrating with your CI pipeline.

The Seal CLI was designed to be easily integrated as part of an organization's CI pipeline. The CLI can scan the vulnerabilities in your build machine, and report home to the Seal server what vulnerabilities exist. If you're going to , then having it report the scan results back is incredibly easy, and only requires .

Note that while this setup in general provides an accurate picture of your vulnerabilities, unlike the source code integrations, fixed vulnerabilities won't be identified until you go through a build process.

For instructions about how to integrate Seal's CLI into other CI platforms see .

To quickly run an example on your machine without configuring your CI see the usage examples.

use the Seal CLI to fix your packages
using one more flag
here