
CI/CD Integration

Redactyl integrates with all major CI/CD platforms. Add scanning to your pipelines to catch secrets before they reach production.

Add Redactyl to any CI pipeline with:

go install github.com/varalys/redactyl@latest
redactyl scan --no-tui --sarif > redactyl.sarif.json

redactyl scan --no-tui
# Exit code 1 if findings detected

redactyl scan --no-tui --severity high

Most platforms support SARIF for security findings:

redactyl scan --sarif > redactyl.sarif.json

redactyl scan --image "$IMAGE_NAME:$IMAGE_TAG" --no-tui

redactyl scan --helm ./charts --no-tui

  1. Scan on every PR - Catch secrets before merge
  2. Scan main branch - Detect secrets that slip through
  3. Scan container images - Check what actually deploys
  4. Use baselines - Reduce noise from known secrets
  5. Upload SARIF - Get findings in your PR interface
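
A gate over the SARIF file written by the commands above, as an added example (not Redactyl's own code): it fails the job when any result is at or above a chosen SARIF level, while leaving the file in place for upload. The level fallback follows SARIF 2.1.0; the sample document, tool name, rule ids and paths are constructed, and how Redactyl maps its severities to SARIF levels is an assumption this page does not confirm.

```python
import json
import sys
from pathlib import Path

LEVELS = ["none", "note", "warning", "error"]  # SARIF 2.1.0, least to most severe

# Constructed sample in SARIF 2.1.0 shape; tool name, rule ids and paths are made up.
SAMPLE = {"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "example-scanner", "rules": [
        {"id": "example-api-key", "defaultConfiguration": {"level": "error"}}]}},
    "results": [
        # No level on the result: the rule's default ("error") applies.
        {"ruleId": "example-api-key", "locations": [{"physicalLocation": {
            "artifactLocation": {"uri": "config/app.env"},
            "region": {"startLine": 3}}}]},
        {"ruleId": "example-generic", "level": "note", "locations": [
            {"physicalLocation": {"artifactLocation": {"uri": "README.md"}}}]},
        # No level and no rule entry: SARIF's default, "warning".
        {"ruleId": "example-unlisted"},
    ]}]}

def effective_level(result, rules):
    """Explicit level, else the rule's default, else SARIF's default 'warning'."""
    level = result.get("level")
    if level is None:
        rule = rules.get(result.get("ruleId"), {})
        level = rule.get("defaultConfiguration", {}).get("level", "warning")
    # Fail closed: an unrecognised level is treated as the most severe.
    return level if level in LEVELS else "error"

def findings_at_or_above(sarif, threshold="warning"):
    """Return (level, ruleId, uri, line) for each result at or above threshold."""
    floor, hits = LEVELS.index(threshold), []
    for run in sarif.get("runs", []):
        driver = run.get("tool", {}).get("driver", {})
        rules = {r.get("id"): r for r in driver.get("rules", [])}
        for res in run.get("results") or []:
            level = effective_level(res, rules)
            if LEVELS.index(level) >= floor:
                loc = (res.get("locations") or [{}])[0].get("physicalLocation", {})
                uri = loc.get("artifactLocation", {}).get("uri", "<unknown>")
                hits.append((level, res.get("ruleId"), uri,
                             loc.get("region", {}).get("startLine")))
    return hits

if __name__ == "__main__":
    data = json.loads(Path(sys.argv[1]).read_text()) if len(sys.argv) > 1 else SAMPLE
    hits = findings_at_or_above(data)
    print(*hits, sep="\n")
    sys.exit(1 if hits else 0)
```

Given the SARIF path as its only argument, the script exits 1 when anything meets the threshold, so it can run as a separate step after the SARIF upload.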