# Step-by-Step Setup Guide This guide walks you through the initial account setup, token generation, and connecting your first project to Seal Security. ## Account Creation & Token Generation Follow these steps to access the platform and prepare your environment. If you already have a token, you can skip to the next section. 1. **Access the Invite:** Click on the **Sign in >** button in the Seal Security invite email you received. 2. **Log In:** Log in to the platform using your password or social login credentials. 3. **Start Onboarding:** We're starting the onboarding flow. Click **Next >** to begin. 4. **Generate Token:** First, you must generate a token to Seal's artifact server. This allows you to download our sealed versions.\ ![Generate Token](/files/PavZ4q5NrXJse1vkrR0Y) 1. **Generate:** Click on **Generate token**. 2. **Copy:** Copy the newly generated token using the copy icon at the right of the text box. > **Important:** You will need this token later. While it should eventually be saved in a secure location (like a password manager or secret store), copy it now for immediate use in the next steps. 3. **Download CLI:** Download the appropriate CLI binary for your machine. 4. **Continue:** Click **Next >**. 5. Click **Next >** and then click on **GitHub**. 6. **Grant Access and Install Bot:** You need to give the Seal Security Bot access to the relevant repositories: 1. Connect to your GitHub account. 2. Install the Seal Security Bot. In this screen, you will be asked to select the relevant GitHub organization, and then decide whether to give the Seal app access to **all its repositories** or to **select specific ones**. 3. After you've selected which repositories you're giving access to, you'll return to the onboarding flow. ![Grant Access and Install Bot](/files/1gNTjzEVTiWlGaDV5A6b) 7. Choose your import method: **Automatic (Bulk)** or **Manual (One-by-one)**. **Path A1: Manual Import** ![Manual Import](/files/wfWTxqudZfLVRQe2tHnl) 1. Paste the path to your repository. You can add up to 3 repositories at once. 2. Give each repository a name. 3. Click **Import**. **Path A2: Automatic (Bulk) Import** ![Automatic Import](/files/d2d12BSCNCmCEIRuTS6r) 1. Review the list of dependency files detected in your repository. 2. Select the specific dependency files you wish to scan. 3. Click **Import**. 8. **View Protection page:** You will land on the Protection screen. * **Status:** Since no projects are connected yet, we are not showing any results. * **Next Step:** We are now going to populate this data using the CLI. ![Empty Protection page](/files/Fgf0cjrcjNzbEzFu4thb) ## Integrate the Seal CLI To start fixing vulnerabilities (and populate the Protection page), you must integrate the CLI into your build pipeline. **The Golden Rule:** In all cases, the CLI step must be added **immediately after** dependencies are pulled/installed (from standard registries or your artifact server) but before the final build/compilation. **Important Configuration:** For all integration methods, you must ensure the following environment variables are set: * `SEAL_TOKEN`: The token you generated earlier. * `SEAL_PROJECT`: The ID of your project on the Seal platform (e.g., "my-first-project"). Identify the location of your build pipeline. In the pipeline, identify the step where dependencies are installed (e.g., `./gradlew dependencies`). Identify the location of the `build.gradle` file. Add the seal fix command: ```bash ./gradlew dependencies export SEAL_TOKEN=${YOUR_TOKEN} export SEAL_PROJECT="my-first-project" # Snyk integration export SEAL_SNYK_URL="https://api.snyk.io" export SEAL_SNYK_TOKEN=${SNYK_TOKEN} export SEAL_SNYK_ORG_ID=${SNYK_ORG_ID} export SEAL_SNYK_PROJECT_ID=${SNYK_PROJECT_ID} seal fix --mode remote build.gradle ./gradlew build ``` ## Sealing a package Once you have integrated the CLI into your pipeline, follow these steps to see the results. 1. **Trigger the Pipeline:** Run your build pipeline (Jenkins job, GitHub Action workflow, or Docker build). This execution will trigger the `seal fix` command, which scans your dependencies and reports back to the Seal Platform. 2. **View the Protection page:** Navigate to the [Protection page](https://app.sealsecurity.io/protection/vulnerable). * If the page is already open and empty, refresh it. You should now see a list of detected vulnerable packages.\ ![Protection page with vulnerabilities](/files/XQHhwONeldfIPywa0Sxy) 3. **Remediate Vulnerabilities:** Now that we have visibility, let's look at how we apply fixes. In remote fix mode you have full control over the sealing process via the UI: * **Available Fixes:** Packages with a ready-to-use sealed version will display a blue Seal button. * **Action:** Click the Seal button, then confirm by clicking Seal package in the dialog box. This creates a sealing rule on the server to replace the vulnerable package with a sealed version of it. * **Apply:** Run your pipeline again. The CLI will now pick up the new rule, replace the package, and the status in the UI will change to a green Sealed label.\ ![Sealing Modal](/files/AeMo59eV2A3gOZW8RW6H) * **Pending:** Packages without an existing sealed version will show a **Generate Fix** button. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sealsecurity.io/step-by-step-onboarding-guides/java_gradle-github-snyk-local-cli_remote-keep_names.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.