Escape CLI¶
The Escape CLI provides a command-line interface to automate Escape scans. It serves as a wrapper around the Escape REST API, allowing seamless integration into your workflows. It is a fully open-source project written in Golang available from the Escape CLI GitHub Releases page.
Escape CLI and Private Locations
The Escape CLI also enables you to register and manage Private Locations. For more details, refer to the Private Locations documentation.
Installation¶
Using Curl (Unix-based Systems)¶
For Linux or macOS, run the following command to install the Escape CLI:
curl -sf https://raw.githubusercontent.com/Escape-Technologies/cli/refs/heads/main/scripts/install.sh | sudo bash
# Check installation
escape-cli version
Using PowerShell (Windows)¶
For Windows, run the following PowerShell command:
powershell -c "irm https://raw.githubusercontent.com/Escape-Technologies/cli/refs/heads/main/scripts/install.ps1 | iex"
# Check installation
escape-cli version
Docker Installation¶
The Escape CLI is also available as a Docker image. To run it via Docker, use the following command:
Configuration¶
To use the Escape CLI with your Escape instance, you need to configure the ESCAPE_API_KEY
environment variable.
- Obtain the API Key: Visit your user profile settings to retrieve your API Key.
- Set the Environment Variable: Add the
ESCAPE_API_KEY
to your shell configuration (e.g.,.bashrc
,.zshrc
) or to your CI/CD pipeline.
Optional Configuration Variables¶
ESCAPE_K8S_INTEGRATION
: Controls Kubernetes integration. By default, this is set totrue
. Set it tofalse
to disable Kubernetes integration.
Usage¶
To get started with the Escape CLI, you can run the following commands:
List Available Commands¶
Get Help for a Specific Command¶
List Your Private Locations¶
Output in Different Formats¶
You can use the --output
flag to specify the format of the results:
Cookbooks¶
Running a Scan and Saving Results in JSON Format¶
Here is an example of how to run a scan and save the results to a JSON file:
# Run the Escape CLI version command to ensure it is installed
escape-cli version
# Replace with your application ID
APP_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
# Start a scan and output the results in JSON format
escape-cli scan start "${APP_ID}" -o json | tee scan.json
# Extract the scan ID from the JSON output
SCAN_ID=$(cat scan.json | jq -r '.id')
echo "SCAN_ID: ${SCAN_ID}"
# Monitor the scan until it completes. This command will block until the scan is finished
escape-cli scan watch "${SCAN_ID}"
# Once the scan is complete, retrieve the issues
escape-cli scans issues "${SCAN_ID}"
# Optionally, output the issues in JSON format
escape-cli scans issues "${SCAN_ID}" -o json | tee issues.json
# Download scan-related files (e.g., exchanges)
escape-cli scans download "${SCAN_ID}" exchanges.zip