api

Use the api command to interact with the Endor Labs API

The endorctl api command allows you to interact with the Endor Labs API directly through the command line interface, endorctl.

Usage

endorctl api allows users to interact with the API using a set of subcommands.

The syntax of endorctl api is as follows:

endorctl api [subcommand] [flags]

The following subcommands are supported as part of endorctl api:

  • endorctl api list lists a specified group of objects in a namespace.
  • endorctl api get gets a specified object in a namespace.
  • endorctl api delete deletes a specified object in a namespace.
  • endorctl api create creates a specified object in a namespace.
  • endorctl api update updates a specified object in a namespace.

The following global flags are used for any endorctl api command:

  • Use --resource or -r to set the resource type that you would like to interact with. See resource types for a list of supported resource types.
  • Use --name to set the name of the resource that you would like to interact with.
  • Use --output-type or -o to define the output of response from the API. The output type is by default json but may be yaml, json or table.
  • Use --uuid to call the specific UUID of a given resource.
  • Use --timeout to specify a timeout for an API command.
  • Use --interactive to update an A
  • Use --data or -d to define an object you would like to create as a json payload.
  • Use --field-mask to set the fields that you would like to be returned from the API.
  • Use --filter to set a filter on the response of listed results from the API.
  • Use --count to return a count of listed objects.

Commonly Used Resource Types

The following table includes a list of supported resource types that are commonly used in the API. See the API documentation to get a full list of resource types.

Resource Kind Parent Resource Description
Project N/A A project represents a configuration for ingesting source control repositories.
Package Project A package represents information about a collection of source code that is generally functionally related.
PackageVersion Package A package version represents information about a named version of a package.
Finding Project A finding represents a result of an evaluation method used to evaluate code against a rule.
Repository Project A repository represents information about a source control repository where source code is hosted.
RepositoryVersion Project A repository version represents information about a specific version of code in source control, such as commit SHAs, tags or branches.
ScanResult Project A scan result represents information about a particular scan in a project.
PackageManager N/A A package manager represents information about the configuration of package managers in a namespace.
AuthorizationPolicy N/A An authorization policy represents a policy for access control.
DependencyMetadata PackageVersion Get metadata about the specific dependencies in your Endor Labs tenant.

Useful commands glossary

The below glossary consists of use case specific commands:

  • List all package versions at a given source code git reference:
endorctl api list --resource="PackageVersion" -o="yaml" --filter="spec.project_uuid==<Project_UUID> and spec.source_code_reference.version.ref==<git_reference>"
  • Get a specific package version:
endorctl api get --resource="PackageVersion" --name="<ecosystem>://<Package_Name>@<Package_Version>"
  • Get a count of the number of projects hosted in your Endor Labs tenant:
endorctl api list -r Project --field-mask=uuid --count
  • Get a count of the number of projects hosted in your Endor Labs tenant:
endorctl api list -r Project --field-mask=uuid --count | jq -r '.count_response.count'
  • List all of the direct dependencies of a specific package given its UUID.
endorctl api list -r DependencyMetadata --filter="spec.importer_data.package_version_uuid==uuid and spec.dependency_data.direct==true"

create

Use the create command to create a specified resource through the API

delete

Use the delete command to delete a specified resource through the API

get

Use the get command to retrieve a specified resource through the API

list

Use the list command to retrieve a filtered or unfiltered list of a specified resource through the API

update

Use the update command to update an API object.