CI/CD Integration

Add xa-v to your pipeline to automatically scan APIs on every change.

GitHub Actions

Create .github/workflows/xa-v-scan.yml:

name: xa-v API Security Scan

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: xa-v/scan@v1
        with:
          spec: ./openapi.yaml
          api-key: ${{ secrets.XAV_API_KEY }}

GitLab CI

Add to .gitlab-ci.yml:

xa-v-scan:
  image: node:20
  script:
    - npx xa-v scan ./openapi.yaml --output json
  only:
    - main
    - merge_requests

CircleCI

Add to .circleci/config.yml:

jobs:
  xa-v-scan:
    docker:
      - image: cimg/node:20.0
    steps:
      - checkout
      - run: npx xa-v scan ./openapi.yaml

workflows:
  security:
    jobs:
      - xa-v-scan

Exit Codes

CodeMeaning
0No vulnerabilities found
1Vulnerabilities found
2Scan failed or timeout

Use the exit code to fail builds when vulnerabilities are found:

xa-v scan ./openapi.yaml && echo "Pass" ||echo "Fail"