Set up CI/CD for Bearer CLI

Using Bearer CLI in your CI/CD pipeline works similarly to most other integrations. You can choose to run scans as part of the native CI/CD workflows of GitHub or GitLab, or roll your own support for additional third party services.

GitHub

Bearer offers an official GitHub Action to connect directly with your repository. To enable it with the default settings, create a bearer.yml file in your .github/workflows directory and include the following:

steps:
  - uses: actions/checkout@v3
  - uses: bearer/bearer-action@v2

For more details and additional configuration, see our guide to using the GitHub action.

GitLab

To integrate Bearer CLI with GitLab CI/CD, we recommend using the docker entrypoint method. Edit your existing .gitlab-ci.yml file or add one to your repository root, then add the following lines:

image: 
  name: bearer/bearer
  entrypoint: [ "" ]

bearer:
  script: bearer scan .

This tells GitLab to use the bearer/bearer docker image. You can adjust the script key to customize the scan with flags the same way as a local installation. An example of this file is available in our example GitLab repo.

GitLab's guide on Running CI/CD jobs in Docker containers provides additional context on configuring the CI in this way.

Universal setup

For other services, we recommend selecting the installation method that best fits the platform.

Do you have a CI/CD workflow that you'd like to see added to this guide? Open an issue or let us know on discord.