Connecting to the CI Pipeline

As an alternative to integrating with your source control, the Seal platform can also identify your existing vulnerabilities by integrating with your CI pipeline.

The Seal CLI was designed to be easily integrated as part of an organization's CI pipeline. The CLI can scan the vulnerabilities in your build machine, and report home to the Seal server what vulnerabilities exist. If you're going to use the Seal CLI to fix your packages, then having it report the scan results back is incredibly easy, and only requires using one more flag.

Note that while this setup in general provides an accurate picture of your vulnerabilities, unlike the source code integrations, fixed vulnerabilities won't be identified until you go through a build process.

For instructions about how to integrate Seal's CLI into other CI platforms see here.

To quickly run an example on your machine without configuring your CI see the usage examples.