Gatecheck automates report validation in a CI/CD pipeline by comparing security findings to pre-determined thresholds. It also provides report aggregation, artifact integrity, and deployment validation. Gatecheck is stateless, so self-hosting or provisioning servers is not required.
The fastest way to get started with Gatecheck is to download the pre-built binaries for your target system.
cd <target install dir>
curl -L <OS Specific Release>.tar.gz | tar xz
./gatecheck
./gatecheck --help
The Gatecheck CLI supports --help for every command; use it for more detailed usage.
Generate a configuration file with the default thresholds set
gatecheck config init > gatecheck.yaml
gatecheck ls --help
List with EPSS scores is supported for Grype and CycloneDX reports.
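The two ideas above, a threshold gate over a scan report and a finding list joined to EPSS scores, as an added Python illustration. This is not Gatecheck's own code: the Grype report shape (`matches` with `vulnerability` and `artifact`) is the standard Grype JSON layout, but the sample report, the EPSS scores and the CVE ids are constructed placeholders, and the threshold keys in `DEFAULT_THRESHOLDS` are assumed for this example rather than taken from the real gatecheck.yaml schema.

```python
"""Threshold gate over a Grype-style JSON report, with an EPSS listing.

Added illustration of the idea behind a validate / list step; not Gatecheck's
own code. Threshold keys below are assumed, not Gatecheck's real config schema.
"""
import json
import sys
from collections import Counter

# Constructed Grype-shaped report. The CVE ids are placeholders, not real advisories.
SAMPLE_GRYPE_REPORT = json.dumps({
    "matches": [
        {"vulnerability": {"id": "CVE-0000-0001", "severity": "Critical"},
         "artifact": {"name": "libexample", "version": "1.0.0"}},
        {"vulnerability": {"id": "CVE-0000-0002", "severity": "High"},
         "artifact": {"name": "libexample", "version": "1.0.0"}},
        {"vulnerability": {"id": "CVE-0000-0003", "severity": "High"},
         "artifact": {"name": "othertool", "version": "2.3.1"}},
        {"vulnerability": {"id": "CVE-0000-0004", "severity": "Low"},
         "artifact": {"name": "othertool", "version": "2.3.1"}},
    ]
})

# Constructed EPSS probabilities keyed by CVE id (stand-in for a downloaded EPSS feed).
SAMPLE_EPSS_SCORES = {"CVE-0000-0001": 0.92, "CVE-0000-0002": 0.04, "CVE-0000-0003": 0.31}

# Hypothetical thresholds: maximum findings allowed per severity; -1 disables the check.
DEFAULT_THRESHOLDS = {"critical": 0, "high": 1, "medium": -1, "low": -1,
                      "negligible": -1, "unknown": -1}


def findings(report_json):
    """Flatten Grype matches into (cve_id, severity, package@version) tuples."""
    rows = []
    for match in json.loads(report_json).get("matches", []):
        vuln, art = match["vulnerability"], match["artifact"]
        rows.append((vuln["id"], vuln.get("severity", "Unknown").lower(),
                     f"{art['name']}@{art['version']}"))
    return rows


def list_with_epss(report_json, epss_scores):
    """Join findings to EPSS scores; None when the feed has no entry for the CVE."""
    return [(cve, sev, pkg, epss_scores.get(cve)) for cve, sev, pkg in findings(report_json)]


def count_by_severity(report_json):
    """Number of findings per (lower-cased) severity label."""
    return dict(Counter(sev for _, sev, _ in findings(report_json)))


def validate(report_json, thresholds):
    """Return (passed, violations); each violation is (severity, found, limit)."""
    counts = count_by_severity(report_json)
    violations = [(sev, counts.get(sev, 0), limit)
                  for sev, limit in thresholds.items()
                  if limit >= 0 and counts.get(sev, 0) > limit]
    return (not violations, violations)


if __name__ == "__main__":
    for cve, sev, pkg, epss in list_with_epss(SAMPLE_GRYPE_REPORT, SAMPLE_EPSS_SCORES):
        score = "n/a" if epss is None else f"{epss:.2f}"
        print(f"{cve:14} {sev:9} {pkg:20} epss={score}")
    passed, violations = validate(SAMPLE_GRYPE_REPORT, DEFAULT_THRESHOLDS)
    for sev, found, limit in violations:
        print(f"FAIL: {found} {sev} finding(s) exceed the limit of {limit}")
    # A non-zero exit is what makes the pipeline stage fail.
    sys.exit(0 if passed else 1)
```

Run as a script, it prints the EPSS-annotated list, reports the two threshold violations in the constructed report (one critical against a limit of 0, two high against a limit of 1) and exits non-zero, which is the signal a CI stage keys on.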
Bundling Artifacts produces a gzipped tarball with an associated manifest for metadata.