Xygeni CLI Installation

Xygeni CLI can be used either installing it or by using Xygeni CLI Docker Image.

This page specifies how to install CLI. Please visit Xygeni CLI Docker Image if you prefer to use the CLI docker image.

CLI Installation

Please see Xygeni CLI Prerequisites before installing.

Download the Scanner

Run the one of the following which better matches your preferences:

curl -sLO https://get.xygeni.io/latest/scanner/xygeni-release.zip

Or go to https://get.xygeni.io and dowload it manually.

Verify the integrity of the script

Xygeni publishes a SHA-256 checksum of published components in the xygeni/xygeni GitHub repository, so you may verify the integrity of a downloaded artifact.

This GitHub repository website is hosted in a completely different platform from the download site. Hackers need to compromise two different sites to keep tampered components, like the scanner or the installation script, undetected by the checksum verification.

To ensure that the downloaded installation script checksum matches the checksum published in Xygeni repository, meaning that probably it was not tampered with:

echo "$(curl -s https://raw.githubusercontent.com/xygeni/xygeni/main/checksum/latest/xygeni-release.zip.sha256) xygeni-release.zip" | sha256sum --check

If under macOS, as sha256sum is probably not installed in your host, you may:

  1. read this to install it,

  2. or use shasum -a 256 instead or sha256sum if the shasum command is installed,

echo "$(curl -s https://raw.githubusercontent.com/xygeni/xygeni/main/checksum/latest/xygeni-release.zip.sha256) xygeni-release.zip" | sha256 -a 256 --check

  1. or use openssl to compute the SHA-256 checksum of the installation script and compare it with the published checksum.

Unzip the scanner

Unzip the Xygeni Scanner zip that you have just downloaded to a new folder.

If unzip command is not available you can use:

sudo apt install unzip
unzip xygeni-release.zip -d /destination/path

Fetch your Xygeni API token

Active Xygeni account credentials are mandatory to run the script, so make sure you’ve signed up first! Visit Create a Free Trial account or Log in to Xygeni

Go your profile pannel and navigate to Organization/Personal Tokens:

Create a new token. The difference betweeen Organization tokens and Personal tokens is who can see and revoke those tokens. Select either one and generate a new token.

In order to run scans, the only permission that is needed is the "Upload scan results" permission. However, if you want to use the same token with the REST API, you’ll need to grant it additional permissions.

Set XYGENI_TOKEN environment variable

In order to run scans, a new environment variable must be set, the name of this variable must be "XYGENI_TOKEN" and it content has to be the token that was created in the previous step.

nano ~/.bashrc

Add this line at the end of the file:

export XYGENI_TOKEN="<TOKEN>"

Apply the changes:

source ~/.bashrc

This will create the XYGENI_TOKEN environment variable for the current user.

(Recommended) Add the scanner folder to path

In order to execute the Xygeni application as another command, the Xygeni Scanner folder must be added to the path.

This step is optional but highly recommended to facilitate future scans.

nano ~/.bashrc

Add this line at the end of the file:

export PATH="$PATH:/Path/To/Scanner"

Apply the changes:

source ~/.bashrc

This will modify the Current User Path.

What’s next?

Congratulations, at this point you should have your installation successfully completed.

Now, let’s run your first scan. Move to your installation directory and execute the command:

cd my-xygeni-installation-dir
xygeni scan -n your_project_name --dir your_project_path

PreviousXygeni CLI PrerequisitesNextXygeni CLI Docker Image

Last updated