search

Xygeni CLI Installation

Xygeni CLI can be used either installing it or by using Xygeni CLI Docker Image.

circle-info

This page specifies how to install CLI. Please visit Xygeni CLI Docker Image if you prefer to use the CLI docker image.

hashtag
CLI Installation

circle-info

Please see Xygeni CLI Prerequisites before installing.

hashtag
Download the Scanner

Run the one of the following which better matches your preferences:

curl -sLO https://get.xygeni.io/latest/scanner/xygeni-release.zip

Or go to https://get.xygeni.ioarrow-up-right and dowload it manually.

hashtag
Verify the integrity of the script

Xygeni publishes a SHA-256 checksum of published components in the xygeni/xygeni GitHub repositoryarrow-up-right, so you may verify the integrity of a downloaded artifact.

circle-info

This GitHub repository website is hosted in a completely different platform from the download site. Hackers need to compromise two different sites to keep tampered components, like the scanner or the installation script, undetected by the checksum verification.

To ensure that the downloaded installation script checksum matches the checksum published in Xygeni repository, meaning that probably it was not tampered with:

echo "$(curl -s https://raw.githubusercontent.com/xygeni/xygeni/main/checksum/latest/xygeni-release.zip.sha256) xygeni-release.zip" | sha256sum --check

If under macOS, as sha256sum is probably not installed in your host, you may:

  1. read thisarrow-up-right to install it,

  2. or use shasum -a 256 instead or sha256sum if the shasum command is installed,

echo "$(curl -s https://raw.githubusercontent.com/xygeni/xygeni/main/checksum/latest/xygeni-release.zip.sha256) xygeni-release.zip" | sha256 -a 256 --check

  1. or use openssl to compute the SHA-256 checksum of the installation script and compare it with the published checksum.

hashtag
Unzip the scanner

Unzip the Xygeni Scanner zip that you have just downloaded to a new folder.

circle-info

If unzip command is not available you can use:

hashtag
Fetch your Xygeni API token

circle-info

Active Xygeni account credentials are mandatory to run the script, so make sure you’ve signed up first! Visit Create a Free Trial account or Log in to Xygeni

Go your profile pannelarrow-up-right and navigate to Organization/Personal Tokens:

Create a new token. The difference betweeen Organization tokens and Personal tokens is who can see and revoke those tokens. Select either one and generate a new token.

In order to run scans, the only permission that is needed is the "Upload scan results" permission. However, if you want to use the same token with the REST API, you’ll need to grant it additional permissions.

hashtag
Set XYGENI_TOKEN environment variable

In order to run scans, a new environment variable must be set, the name of this variable must be "XYGENI_TOKEN" and it content has to be the token that was created in the previous step.

Add this line at the end of the file:

Apply the changes:

circle-info

This will create the XYGENI_TOKEN environment variable for the current user.

hashtag
(Recommended) Add the scanner folder to path

In order to execute the Xygeni application as another command, the Xygeni Scanner folder must be added to the path.

circle-info

This step is optional but highly recommended to facilitate future scans.

Add this line at the end of the file:

Apply the changes:

circle-info

This will modify the Current User Path.

hashtag
What’s next?

Congratulations, at this point you should have your installation successfully completed.

Now, let’s run your first scan. Move to your installation directory and execute the command:

PreviousXygeni CLI PrerequisitesNextXygeni CLI Docker Image

Last updated