CI/CD Integration

Use truss in CI/CD pipelines to verify agent actions, validate evidence chains, and enforce compliance gates.

GitHub Actions

- name: Verify mandate
  run: |
    npm install -g @tensflare/cli
    truss auth login --api-url ${{ secrets.TRUSS_API_URL }} --api-key ${{ secrets.TRUSS_API_KEY }}
    truss verify mandate ${{ env.MANDATE_ID }}

Environment variables

Set TRUSS_API_URL and TRUSS_API_KEY in your CI environment instead of interactive login:

export TRUSS_API_URL=${{ secrets.TRUSS_API_URL }}
export TRUSS_API_KEY=${{ secrets.TRUSS_API_KEY }}
truss verify evidence $EVIDENCE_ID

Exit codes for gates

if ! truss verify mandate "$MANDATE_ID" --json; then
  echo "Mandate verification failed — blocking deploy"
  exit 1
fi