Installation

In this section, you will find guidelines to install Horusec-CLI.

There are 4 ways to install Horusec-CLI:

  1. Local Installation
  2. Manual Installation
  3. Installation via Imagem Docker
  4. Installation via Pipeline

Next, you will understand better each one of them.

Requirements

For usage is required some tools installed in your machine:

Local Installation

The installation directly done in your computer is ideal if you want to use Horusec as soon as possible, either to perform analysis or verify vulnerabilities in your project.

Check out next, the command you need to install Horusec locally according to your operating system.

MAC or Linux

To install Horusec-CLI on MacOS or Linux, you have to run the command below in your terminal:

curl -fsSL https://horusec.io/bin/install.sh | bash

Windows

To install Horusec-CLI on Windows, you have to run the command below in your terminal:

curl "https://horusec.io/bin/latest/win_x64/horusec.exe" -o "./horusec.exe" && ./horusec.exe version

Manual installation

The manual installation is done according to your operation system and the version you want to download.

The links below are to download the lastest version:

👉Lastest available version

👉All available versions

Installation via image docker

Another way to carry out your analysis is through a docker image that you can run locally or use in your pipeline.

See some use cases below:

Starting image with run command:

When you initialize the image with the run command, just run Horusec with the command you want.

docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src horuszup/horusec-cli:latest horusec start -p /src -P $(pwd)

Installation via pipeline:

This type of installation assures the safety in the deliver of your project in production, since Horusec is added to your pipeline.

See next the ways to install considering different types of pipeline:

Github Actions

name: SecurityPipeline

on: [push]

jobs:
  horusec-security:
    name: horusec-security
    runs-on: ubuntu-latest
    steps:
    - name: Check out code
      uses: actions/checkout@v2
    - name: Running Horusec Security
      run: |
        curl -fsSL https://horusec.io/bin/install.sh | bash
        horusec start -p="./" -e="true"

AWS Code Build

  • Environment:

    • Managed image
    • Operational sytem: Ubuntu
    • Execution time: Standard
    • Image: aws/codebuild/standard:3.0
    • Image Version: Latest
    • Environment type: Linux
    • Enable this indicator if you want to create Docker images or want your builds to get elevated privileges: true

  • Buildspec:

version: 0.2

phases:
  install:
    runtime-versions:
      docker: 18
  build:
    commands:
      - docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src/horusec horuszup/horusec-cli:latest horusec start -p /src/horusec -P $(pwd)

Circle CI

version: 2.1

executors:
  horusec-executor:
    machine:
      image: ubuntu-1604:202004-01

jobs:
  horusec:
    executor: horusec-executor
    steps:
      - checkout
      - run:
          name: Horusec Security Test
          command: |
            curl -fsSL https://horusec.io/bin/install.sh | bash
            horusec start -p="./" -e="true"            
workflows:
  pipeline:
    jobs:
      - horusec

Jenkins

stages {
        stage('Security') {
            agent {
                docker { image 'docker:dind' }
            }
            steps {
                sh 'curl -fsSL https://horusec.io/bin/install.sh | bash'
                sh 'horusec start -p="./" -e="true"'
            }
        }
    }

Azure DevOps Pipeline

pool:
  vmImage: 'ubuntu-18.04'

steps:
- script: curl -fsSL https://horusec.io/bin/install.sh | bash && horusec start -p ./

GitLab CI/CD

image: docker:latest

services:
  - docker:dind

build-code-job:
  stage: build
  script:
    - docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src/horusec horuszup/horusec-cli:latest horusec start -p /src/horusec -P $(pwd)

Last modified May 20, 2021: Fix version 1.0.0 with new links (a868f86)