api

Use the api command to interact with the Endor Labs API

The endorctl api command allows you to interact with the Endor Labs API directly through the command line interface.

Usage

The syntax of the endorctl api command is:

endorctl api [subcommand] [flags]

The following subcommands are supported:

  • create creates a specified object in a namespace.
  • delete deletes a specified object in a namespace.
  • get gets a specified object in a namespace.
  • list lists a specified group of objects in a namespace.
  • update updates a specified object in a namespace.

Flags and variables

The following flags are supported for all endorctl api subcommands, unless specified otherwise:

Flag Environment Variable Description
data ENDOR_API_DATA Define the object you want to create or update in json format.
field-mask ENDOR_API_FIELD_MASK Specify a list of fields to return or update.
header ENDOR_API_HEADER Specify request header information in the following format: key:value
interactive ENDOR_API_INTERACTIVE Create or update an object interactively. Requires the environment variable EDITOR to be set (e.g. export EDITOR=vim).
name ENDOR_API_NAME Specify the name of the resource that you want to interact with.
output-type ENDOR_API_OUTPUT_TYPE Specify the output format of the response. The default output type is json, but can also be set to yaml or table.
resource ENDOR_API_RESOURCE Specify the resource type that you want to interact with. See commonly used resource types below for a list of supported resource types.
timeout ENDOR_API_TIMEOUT Set the timeout limit for the command. The default is 20s, but larger or more complex requests might need additional time, potentially leading to a “context deadline exceeded” error.

| uuid | ENDOR_API_UUID | Specify the uuid of the resource that you want to interact with. |

Commonly used resource types

The following table lists resource types that are commonly used in the API. For more information, see the resource kind documentation.

Resource Kind Description
Project A project represents a configuration for ingesting source control repositories. List all projects by calling endorctl api list -r Project.
Repository A repository represents information about a source control repository where source code is hosted. List all repositories for a project by filtering on meta.parent_uuid==<project-uuid>.
RepositoryVersion A repository version represents information about a specific version of code in source control, such as commit SHAs, tags or branches. List all repository versions for a project by filtering on meta.parent_uuid==<project-uuid>.
PackageVersion A package version represents information about a named version of a package. List all package versions for a project by filtering on spec.project_uuid==<project-uuid>.
DependencyMetadata A dependency metadata object represents the relationship between the root package version (importer) and a given dependency. List all dependency metadata objects for a project by filtering on spec.importer_data.project_uuid==<project-uuid>.
Metric A metric object contains the output of a given analytic. List all metric objects for a project by filtering on spec.project_uuid==<project-uuid>.
Finding A finding represents a result of an evaluation method used to evaluate code against a rule. List all findings for a project by filtering on spec.project_uuid==<project-uuid>.
ScanResult A scan result contains metadata about a particular scan (configuration, results etc.). List all scan results for a project by filtering on meta.parent_uuid==<project-uuid>.
AuthorizationPolicy An authorization policy represents a policy for access control. List all authorization policies by calling endorctl api list -r AuthorizationPolicy.

create

Use the create command to create a specified resource through the API

delete

Use the delete command to delete a specified resource through the API

get

Use the get command to retrieve a specified resource through the API

list

Use the list command to retrieve a filtered or unfiltered list of a specified resource through the API

update

Use the update command to update an API object.