Installation

In this section, you will find guidelines to install Horusec-CLI.

There are 4 ways to install Horusec-CLI:

Local Installation
Manual Installation
Installation via Imagem Docker
Installation via Pipeline

See each one of them below:

Requirements

Check out the requirements to use Horusec-CLI:

Docker (recommended version 19.03.11). If you want to disable Docker, check out how to use Horusec without Docker tutorial, but you may lose data from analysis made by other tools.
Git (recommended version 2.25.1). If you want to run analysis with Git, check out how to enable git history analysis tutorial, but it is not enabled by default.

Local Installation

This installation is recommended if you want to use Horusec for analysis or for searching for vulnerabilities in your project.

See below the commands to install Horusec locally according to your operating system:

MAC or Linux

Run the command below in your terminal:

curl -fsSL https://raw.githubusercontent.com/ZupIT/horusec/main/deployments/scripts/install.sh | bash -s latest

Windows

Run the command below in your terminal:

You always need to run the command where you have downloaded the executable.

curl -k "https://github.com/ZupIT/horusec/releases/latest/download/horusec_win_amd64.exe" -o "./horusec.exe" && ./horusec.exe version

In Horusec there are two types of binary:

“Normal”: In this type of binary you have the default execution using Docker;
“StandAlone”: In this type of binary you have only tools that use Horusec-Engine without dependence with the docker.

👉A última versão disponível

👉Todas as versões disponíveis

Manual installation

The manual installation is done according to your operating system and the version you want to download. See the latest versions below:

Horusec has support for:

Operational system	Processor Architecture	Binary Type	Download
Linux	amd64	Binary normal	📥 Download
Linux	arm64	Binary normal	📥 Download
Linux	amd64	Installer debian normal	📥 Download
Linux	arm64	Installer debian normal	📥 Download
Linux	amd64	Installer rpm normal	📥 Download
Linux	arm64	Installer rpm normal	📥 Download
Linux	amd64	Binary Stand Alone	📥 Download
Linux	arm64	Binary Stand Alone	📥 Download
Mac	amd64	Binary normal	📥 Download
Mac	arm64	Binary normal	📥 Download
Mac	amd64	Binary Stand Alone	📥 Download
Mac	arm64	Binary Stand Alone	📥 Download
Windows	amd64	Binary normal	📥 Download
Windows	arm64	Binary normal	📥 Download
Windows	amd64	Binary Stand Alone	📥 Download
Windows	arm64	Binary Stand Alone	📥 Download

If you want a specific version, change the word latest in the link to the version you want.

After downloading the files for Mac or Linux it will be necessary to make them executable through the command chmod +x.

Download the files;
You have to make these files executable through the chmod +xcommand:

chmod +x path/horusec_[your version here]

Now, you will be able to open the file for manual installation.

👉Lastest available version

👉All available versions

If you received the following message in your analysis:

{HORUSEC_CLI} Nancy tool failed to query the GitHub API for updates.
This is most likely due to GitHub rate-limiting on unauthenticated requests.
To make authenticated requests please:
  1. Generate a token at https://github.com/settings/tokens
  2. Set the token by setting the GITHUB_TOKEN environment variable.
Instructions for generating a token can be found at:
https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line.

Do not worry, just add the following environment variable GITHUB_TOKEN with its value as follows this documentation.

Installation via Docker Image

You can carry out your analysis through a docker image, you are able to run locally or using your pipeline.

See some use cases below:

1. Starting image with the run command:

When you initialize the image with the run command, just run Horusec with the command you want.

docker run -v /var/run/docker.sock:/var/run/docker.sock \
        -v $(pwd):/src/horusec \
        horuszup/horusec-cli:latest horusec start -p /src/horusec -P $(pwd) --config-file-path=/src/horusec/horusec-config.json

Check out if the environment you are working in allows you to create a bidirectional volume because this is necessary to use Horusec in a docker image.

2. Installation via pipeline

This installation assures the safety in the delivery of your project in production since Horusec is added to your pipeline.

See next the ways to install considering different types of pipeline:

Github Actions

name: SecurityPipeline

on: [push]

jobs:
  horusec-security:
    name: horusec-security
    runs-on: ubuntu-latest
    steps:
    - name: Check out code
      uses: actions/checkout@v2
      with: # Required when commit authors is enabled
        fetch-depth: 0
    - name: Running Horusec Security
      run: |
        curl -fsSL https://raw.githubusercontent.com/ZupIT/horusec/main/deployments/scripts/install.sh | bash -s latest
        horusec start -p="./" -e="true"

AWS Code Build

Origin
- Git Clone Depth: Full
Environment:
- Environment image: Managed image
- Operational System: Ubuntu
- Runtime: Standard
- Image: aws/codebuild/standard:5.0
- Image version: Always use the most recent image for this version of runtime
- Environment Type: Linux
- Enable this indicator if you want to create Docker images or want your builds to get elevated privileges: true
Buildspec:
- Switch to the editor and insert compilation commands:

version: 0.2

phases:
  build:
    commands:
      - docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src/horusec horuszup/horusec-cli:latest horusec start -p /src/horusec -P $(pwd) --config-file-path=/src/horusec/horusec-config.json

Circle CI

version: 2.1

executors:
  horusec-executor:
    machine:
      image: ubuntu-1604:202004-01

jobs:
  horusec:
    executor: horusec-executor
    steps:
      - checkout
      - run:
          name: Horusec Security Test
          command: |
            curl -fsSL https://raw.githubusercontent.com/ZupIT/horusec/main/deployments/scripts/install.sh | bash -s latest
            horusec start -p="./" -e="true"            
workflows:
  pipeline:
    jobs:
      - horusec

Jenkins

In machines that use Jenkins should have the docker and git installed so that Horusec has all power in their analyzes.Check for more information at the requirements of CLI.

stages {
    stage('Security') {
        steps {
            sh 'curl -fsSL https://raw.githubusercontent.com/ZupIT/horusec/main/deployments/scripts/install.sh | bash -s latest'
            sh 'horusec start -p="./" -e="true"'
        }
    }
}

Azure DevOps Pipeline

pool:
  vmImage: 'ubuntu-18.04'

steps:
- script: |
    curl -fsSL https://raw.githubusercontent.com/ZupIT/horusec/main/deployments/scripts/install.sh | bash -s latest
    horusec start -p ./

GitLab CI/CD

image: docker:latest

variables:
  GIT_DEPTH: 0 # Required when commit authors is enabled

services:
  - docker:dind

build-code-job:
  stage: build
  script:
    - docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src/horusec horuszup/horusec-cli:latest horusec start -p /src/horusec -P $(pwd)

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Last modified February 23, 2022: installation:chore - Update version of Horusec-CLI to v2.7.0 (1ec2d320)