CloudBurn uses consistent exit codes so you can integrate its output into CI/CD pipelines, shell scripts, and quality gates.
Exit codes
| Code | Constant | Meaning |
|---|---|---|
0 | EXIT_CODE_OK | Scan completed successfully with no findings, or --exit-code flag was not passed |
1 | EXIT_CODE_POLICY_VIOLATION | Findings exist AND --exit-code was passed |
2 | EXIT_CODE_RUNTIME_ERROR | Runtime error — credentials missing, path not found, config invalid, etc. |
When to use --exit-code
By default, CloudBurn exits 0 even when it finds issues. This lets you use CloudBurn for informational scans without breaking your build.
Pass --exit-code when you want CloudBurn to act as a quality gate — for example, to block a pull request if cost issues are found:
cloudburn scan --exit-code
cloudburn discover --exit-code
CI example
- name: Run CloudBurn scan
run: cloudburn scan --exit-code
This step fails the CI job if any findings are returned. To allow the pipeline to continue and just report findings, omit --exit-code.
Error output format
When CloudBurn encounters a runtime error (exit code 2), it writes a JSON error object to stderr:
{
"error": "RUNTIME_ERROR",
"message": "Config file not found: /path/to/.cloudburn.yml"
}
Redirect stderr separately if you need to handle errors differently from findings:
cloudburn --format json scan --exit-code ./iac 2>error.json
What's next
| CI/CD Integration | Full GitHub Actions and GitLab CI pipeline examples |
| Output Formats | Use JSON output for structured error handling |
| cloudburn scan | All scan flags including --exit-code |