
CI/CD Integration

Integrate Ariftly into your CI/CD pipeline to automatically scan on every pull request and block deployments that exceed risk thresholds.

How it works

  1. Your pipeline triggers an Ariftly scan after build/deploy to a staging environment
  2. Ariftly runs the configured detectors
  3. If the risk score exceeds your thresholds, the pipeline step fails and the deployment is blocked
  4. Findings are reported in the PR (via GitHub PR checks or GitLab MR reports)

Configuration via ariftly.yml

Add an ariftly.yml to the root of your repository:

# ariftly.yml
version: 1

project_id: proj_abc123

detectors:
  - accessibility
  - security
  - ai_readiness

thresholds:
  overall: 70        # Fail if overall risk score > 70
  security: 50       # Fail if security risk score > 50
  accessibility: 60  # Fail if accessibility risk score > 60

notifications:
  on_threshold_exceeded: true
  on_new_critical: true

detector_options:
  accessibility:
    wcag_level: AA
  security:
    check_dependencies: true
    secret_detection: true

Generic CI script

For any CI system, use the Ariftly CLI or curl:

#!/bin/bash
# Exit on errors, unset variables, and failures anywhere in a pipeline
set -euo pipefail

# Trigger scan (-f makes curl return non-zero on an HTTP error response)
SCAN=$(curl -sf -X POST "https://api.ariftly.io/v1/projects/${ARIFTLY_PROJECT_ID}/scans" \
  -H "Authorization: Bearer ${ARIFTLY_API_KEY}" \
  -H "Content-Type: application/json" \
  -d '{"detectors": ["accessibility", "security"]}')

SCAN_ID=$(echo "$SCAN" | jq -r '.scan_id')
echo "Scan started: $SCAN_ID"

# Poll for completion
while true; do
  STATUS=$(curl -sf "https://api.ariftly.io/v1/scans/${SCAN_ID}" \
    -H "Authorization: Bearer ${ARIFTLY_API_KEY}" | jq -r '.status')

  echo "Status: $STATUS"

  if [ "$STATUS" = "completed" ] || [ "$STATUS" = "failed" ]; then
    break
  fi

  sleep 10
done

# Treat a failed scan as a blocked deployment instead of evaluating its score
if [ "$STATUS" = "failed" ]; then
  echo "Scan failed. Blocking deployment."
  exit 1
fi

# Check risk score
RISK_SCORE=$(curl -sf "https://api.ariftly.io/v1/scans/${SCAN_ID}" \
  -H "Authorization: Bearer ${ARIFTLY_API_KEY}" | jq -r '.risk_score')

echo "Risk score: $RISK_SCORE"

# Block if the score is missing or not an integer (for example "null")
if ! [[ "$RISK_SCORE" =~ ^[0-9]+$ ]]; then
  echo "No valid risk score returned. Blocking deployment."
  exit 1
fi

if [ "$RISK_SCORE" -gt 70 ]; then
  echo "Risk score $RISK_SCORE exceeds threshold of 70. Blocking deployment."
  exit 1
fi

echo "Risk score within acceptable threshold. Deployment approved."
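
The gate from the script above, written as functions that can be exercised offline: polling is bounded, and anything other than a completed scan with a score at or below the threshold blocks the deployment. This is an added example, not Ariftly's own code. `fetch_scan`, `ariftly_gate`, `run_case` and the response queue are hypothetical names, the responses are constructed, and the score is assumed to be an integer, as the script's `-gt` comparison implies.

```bash
#!/bin/bash
# Added example: bounded polling plus a fail-closed gate decision.
# fetch_scan is a hypothetical stub fed from constructed responses; in a real
# pipeline it would wrap the curl | jq calls and set the same two variables.

RESPONSES=""   # constructed queue of "status score" pairs, comma-separated

fetch_scan() {
  local head="${RESPONSES%%,*}"
  case "$RESPONSES" in *,*) RESPONSES="${RESPONSES#*,}" ;; esac  # last one repeats
  SCAN_STATUS="${head% *}"
  SCAN_SCORE="${head#* }"
}

# Exit codes: 0 = deploy, 1 = score above threshold,
# 2 = no usable result (scan failed, timed out, or score missing/non-numeric).
ariftly_gate() {
  local threshold="$1" max_polls="$2" interval="$3" polls=0
  while :; do
    fetch_scan || return 2
    polls=$((polls + 1))
    case "$SCAN_STATUS" in
      completed) break ;;
      failed) return 2 ;;
    esac
    if [ "$polls" -ge "$max_polls" ]; then return 2; fi   # give up: blocked
    sleep "$interval"
  done
  case "$SCAN_SCORE" in
    '' | *[!0-9]*) return 2 ;;   # "null", empty, negative or decimal: block
  esac
  if [ "$SCAN_SCORE" -gt "$threshold" ]; then return 1; fi
  return 0
}

# Run the gate (threshold 70, at most 3 polls, no delay) over one queue.
run_case() {
  RESPONSES="$1"
  GATE_RC=0
  ariftly_gate 70 3 0 || GATE_RC=$?
  echo "$1 -> exit $GATE_RC"
}

run_case "running null,completed 42"
run_case "completed 85"
run_case "failed null"
run_case "completed null"
run_case "running null"
```

Exit code 2 is kept separate from 1 so the CI log shows whether a deployment was blocked by a finding or by a scan that never produced a result.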

Environment variable reference

| Variable | Description |
| --- | --- |
| ARIFTLY_API_KEY | Your Ariftly API key |
| ARIFTLY_PROJECT_ID | Project ID to scan |

Store these as secrets in your CI/CD platform — never commit them to your repository.

Supported CI platforms

  • GitHub Actions — official action available
  • GitLab CI — use the generic script above
  • CircleCI — use the generic script above
  • Jenkins — use the generic script above
  • Bitbucket Pipelines — use the generic script above