Overview
vg push uploads scan artifacts to the Vibgrate Cloud for team visibility, trend analysis, and portfolio-level insights.
Optional Feature: The CLI provides full value locally. Uploading to Vibgrate Cloud is always opt-in.
Usage
vg push [options]
Options
| Flag | Default | Description |
|---|---|---|
--dsn <token> | VIBGRATE_DSN env | DSN token for authentication |
--file <path> | .vibgrate/scan_result.json | Scan artifact to upload |
--region <code> | auto | Data residency override: us, eu |
--strict | false | Exit with error if upload fails |
Vibgrate Cloud Benefits
| Feature | Description |
|---|---|
| 📊 Shared View | Team-wide visibility into drift across projects |
| 📈 Trend Charts | Historical drift score over time |
| 🏢 Portfolio View | Risk assessment across all repositories |
| 🔔 Alerts | Notifications when drift exceeds thresholds |
DSN Authentication
Vibgrate uses HMAC-signed DSN tokens for secure authentication:
vibgrate+https://<key_id>:<secret>@<ingest_host>/<workspace_id>
Setting Up DSN
# Option 1: Environment variable (recommended for CI)
export VIBGRATE_DSN="vibgrate+https://key:secret@us.ingest.vibgrate.com/ws-123"
# Option 2: Command-line flag
vg push --dsn "vibgrate+https://..."
Security: Store DSN as a CI secret. Never commit to source control.
Examples
Basic Push
# Uses VIBGRATE_DSN environment variable
vg push
Output:
✓ Uploading scan artifact...
✓ Upload complete
→ View at: https://dash.vibgrate.com/ws-123/scan/abc456
Strict Mode (CI)
# Fail pipeline if upload fails
vg push --strict --file .vibgrate/scan_result.json
EU Data Residency
vg push --region eu
Combined with Scan
# Scan and push in one command
vg scan --push --strict
Data Residency
| Region | Endpoint | Location |
|---|---|---|
| 🇺🇸 US (default) | us.ingest.vibgrate.com | United States |
| 🇪🇺 EU | eu.ingest.vibgrate.com | European Union |
Note: Data residency is determined by your DSN. Use --region only to override for testing.
CI Integration
GitHub Actions
- name: Scan and push to dashboard
env:
VIBGRATE_DSN: ${{ secrets.VIBGRATE_DSN }}
run: npx @vibgrate/cli scan --push --strict
Azure DevOps
- script: npx @vibgrate/cli scan --push --strict
env:
VIBGRATE_DSN: $(VIBGRATE_DSN)
Best Practices
| Practice | Rationale |
|---|---|
✅ Use --strict in CI | Ensure pipeline fails if upload fails |
| 🔐 Store DSN as secret | Never expose in logs or source code |
📁 Ignore scan_result.json | Add to .gitignore |
| 🔄 Push on main branch only | Avoid noise from PR builds |
Related Commands
- vg dsn create — Generate DSN tokens
- vg scan — Run scan with
--pushflag - Vibgrate Cloud Guide — Using the web dashboard