Get started with Lucent Sky AVM CLI

2024/1/20

Lucent Sky AVM is a developer tool that identifies application vulnerabilities and directly remediates them in the source code. It is composed of four components: CLEAR Engine (the analysis and remediation engine), Web UI, CLI, and IDE extensions.

This article describes the basic features of the CLI, and guides you through the process of scanning an application using the CLI. To learn about other functionalities of the CLI, view the following article in the Lucent Sky Knowledge Base:
Lucent Sky AVM CLI reference

In this article, you will learn how to:

  • Install and configure Lucent Sky AVM CLI
  • Create an API key
  • Create a zip file containing the source code of an application
  • Scan an application
  • Download the remediated source code
  • Download the report

At the end, you will be able to use the CLI to scan applications and generate remediated source code and reports.

Prerequisites

  • Bash, Command Prompt, or PowerShell - This article uses PowerShell in its examples, but the CLI can also be used with Bash and Command Prompt.

Install and configure Lucent Sky AVM CLI

To learn about how to install Lucent Sky AVM CLI, view the following article in the Lucent Sky Knowledge Base:
Administration guide to Lucent Sky AVM CLI

Create a zip file containing the source code of an application

To learn about creating the source code archive of an application, view the following article in the Lucent Sky Knowledge Base:
Prepare an application scanning

Create an API key

  1. Go to the Web UI in your browser, and then sign in with your credentials.
  2. Go to Settings > Account, and select Create a new key. In the dialog, enter CLI as the description of the key, then select Create Key.
  3. Select and copy the generated API key.

Configure the CLI

  1. Open PowerShell, and navigate to the directory where the CLI is installed.
  2. Enter the following command to set up the CLI to use a remote CLEAR Engine instance:

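     # Replace <InstanceFqdn> with the FQDN or IP address of the CLEAR Engine instance
     $instanceFqdn = "<InstanceFqdn>"
     # ${instanceFqdn} delimits the variable name; "$instanceFqdn:5759" would be parsed as a scoped variable reference
     .\SkyAnalyzer.Interface.Console.exe --Interface config --Method set --Value "endpoint = ${instanceFqdn}:5759"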
    
  3. Enter the following command to create an environment variable to store the API key for authentication:

     # Replace <ApiKey> with the API key
     $Env:CLEAR_API_KEY = "<ApiKey>"
    

Scan an application

  1. Open PowerShell, and navigate to the directory where the CLI is installed.
  2. Enter the following command to create an application:

     $applicationId = New-Guid
     # Replace <ApplicationName> with a descriptive name of the application
     $applicationName = "<ApplicationName>"
     # Replace <Framework> with the framework of the application
     $framework = "<Framework>"
     .\SkyAnalyzer.Interface.Console.exe --Interface Application --Method Create --Name $applicationName --Framework $framework --ApplicationId $applicationId
    
  3. Enter the following command to create a scan:

     $scanId = New-Guid
     .\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Create --ApplicationId $applicationId --ScanId $scanId
    
  4. Enter the following command to upload the application source code and start the scan:

     # Replace <SourceCodePath> with path to the source code archive
     $sourceCodePath = "<SourceCodePath>"
     .\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Analyze --ScanId $scanId --SourceCodePath $sourceCodePath
    

    The command will exit when the scan is completed. To learn more about how to start a scan asynchronously, view the following article in the Lucent Sky Knowledge Base:
    Lucent Sky AVM CLI reference

Download the remediated source code

  1. Enter the following command to generate and download the remediated source code:

     # Replace <RemediatedSourceCodePath> with path to save the remediated source code archive
     $remediatedSourceCodePath = "<RemediatedSourceCodePath>"
     .\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Remediate --ScanId $scanId --RemediatedSourceCodePath $remediatedSourceCodePath --RemediationOption 0
    

Download the report

  1. Enter the following command to generate and download a report in HTML format:

     # Replace <ReportPath> with path to save the report
     $reportPath = "<ReportPath>"
     .\SkyAnalyzer.Interface.Console.exe --Interface Scan --Method Report --ScanId $scanId --ReportPath $reportPath --ReportFormat html
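
The create, scan, remediate, and report steps combined into one script, as an added example that is not part of the original article or Lucent Sky's own code. It uses only the CLI options shown in this article, stops at the first failed step, and prompts for the API key when CLEAR_API_KEY is not set. It assumes the CLI returns a non-zero exit code on failure; Invoke-Avm, Invoke-AvmScan and their parameter names are hypothetical.

```powershell
# Added example, not Lucent Sky code. Invoke-Avm and Invoke-AvmScan are hypothetical helpers.
# Assumption: the CLI returns a non-zero exit code when a call fails.
$ErrorActionPreference = 'Stop'
$Cli = '.\SkyAnalyzer.Interface.Console.exe'
function Invoke-Avm {
    # Run one CLI call; stop the whole run if it fails.
    param([Parameter(Mandatory)][string[]]$CliArgs)
    & $Cli @CliArgs | Out-Host   # keep CLI output out of the function's return value
    if ($LASTEXITCODE -ne 0) {
        throw "CLI call failed (exit code $LASTEXITCODE): $($CliArgs -join ' ')"
    }
}

function Invoke-AvmScan {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][string]$Framework,
        [Parameter(Mandatory)][string]$SourceCodePath,
        [Parameter(Mandatory)][string]$RemediatedSourceCodePath,
        [Parameter(Mandatory)][string]$ReportPath
    )
    if (-not (Test-Path -LiteralPath $SourceCodePath -PathType Leaf)) {
        throw "Source code archive not found: $SourceCodePath"
    }
    $prompted = -not (Test-Path Env:CLEAR_API_KEY)
    if ($prompted) {
        # Prompt for the key so it is never typed as a literal on the command line.
        $secure = Read-Host -Prompt 'API key' -AsSecureString
        $Env:CLEAR_API_KEY = [System.Net.NetworkCredential]::new('', $secure).Password
    }
    $applicationId = (New-Guid).ToString()
    $scanId = (New-Guid).ToString()
    try {
        Invoke-Avm '--Interface', 'Application', '--Method', 'Create', '--Name', $Name,
            '--Framework', $Framework, '--ApplicationId', $applicationId
        Invoke-Avm '--Interface', 'Scan', '--Method', 'Create',
            '--ApplicationId', $applicationId, '--ScanId', $scanId
        Invoke-Avm '--Interface', 'Scan', '--Method', 'Analyze', '--ScanId', $scanId,
            '--SourceCodePath', $SourceCodePath
        Invoke-Avm '--Interface', 'Scan', '--Method', 'Remediate', '--ScanId', $scanId,
            '--RemediatedSourceCodePath', $RemediatedSourceCodePath, '--RemediationOption', '0'
        Invoke-Avm '--Interface', 'Scan', '--Method', 'Report', '--ScanId', $scanId,
            '--ReportPath', $ReportPath, '--ReportFormat', 'html'
    } finally {
        # Remove a key this function set, so it does not linger in the session.
        if ($prompted) { Remove-Item Env:CLEAR_API_KEY -ErrorAction SilentlyContinue }
    }
    [pscustomobject]@{ ApplicationId = $applicationId; ScanId = $scanId }
}
```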