Getting Started

Get from zero to your first governance report in under 5 minutes.

1. Sign up and create a team

Sign up at your Clef Pro instance. On first login you'll be prompted to create a team — this is your organization in Clef Pro.

2. Create an integration

An integration is a connection point for your CI pipeline. Name it after your project, service, or team.

1. Click New Integration on the dashboard.
2. Enter a name (e.g. platform-api) and optional description.
3. An API key is generated automatically. Copy it now — you won't see it again.

3. Add clef report to your CI

Add a step to your CI pipeline that runs after your secrets are in place. The CLI fetches your integration config, evaluates your secrets locally, and sends a summary to Clef Pro.

GitHub Actions

- name: Report secrets governance
  run: npx @clef-sh/clef report
  env:
    CLEF_API_KEY: ${{ secrets.CLEF_API_KEY }}

GitLab CI

clef-report:
  stage: test
  script:
    - npx @clef-sh/clef report
  variables:
    CLEF_API_KEY: $CLEF_API_KEY

Bitbucket Pipelines

- step:
    name: Report secrets governance
    script:
      - npx @clef-sh/clef report
    # Set CLEF_API_KEY in Repository Variables

CircleCI

- run:
    name: Report secrets governance
    command: npx @clef-sh/clef report
    # Set CLEF_API_KEY in Project Environment Variables

4. View your dashboard

Once the first report lands, your integration detail page shows:

• Secret file matrix — namespace × environment grid with health status per cell
• Drift indicators — which namespaces have different encryption state across environments
• Policy results — which rules passed or failed
• Report history — navigate through previous reports with arrow controls

What's next

• Concepts — understand the data model
• CLI Integration — the full API contract
• API Reference — endpoints and schemas