CLI
CI/CD
Run slate in continuous integration to scan staging or preview environments before release.
Prerequisites
Store SLATE_API_KEY as a CI secret. Use a dedicated key per environment. Ensure the pipeline only scans hosts your organization is authorized to test.
GitHub Actions example
name: Security scan
on:
push:
branches: [main]
workflow_dispatch:
jobs:
slate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Slate CLI
run: curl -fsSL https://www.slatesecurity.ai/install.sh | bash
- name: Scan staging
env:
SLATE_API_KEY: ${{ secrets.SLATE_API_KEY }}
SLATE_API_URL: https://api.slatesecurity.ai
run: slate staging.example.com --wait --jsonFail the job in a follow-up step by parsing JSON for critical or high findings, or gate on non-zero exit when the CLI reports failures.
Tips
Pin CLI version in production pipelines with SLATE_VERSION=v0.1.0 on install (see Install docs). Scan preview URLs only when they are reachable from the public internet. Each successful run uses one scan credit.