Masks

Learn how to use field masks with the Endor Labs REST API.

Field masks allow you to specify a subset of fields to be returned for each object by a request. Similar to filter keys, a field-mask key is used to specify the field to return, using a dot-delimited path.

The following example shows how to get just the description and severity for all findings:

endorctl api list --resource Finding \
  --field-mask "meta.description,spec.level"
curl --get \
  --header "Authorization: Bearer $ENDOR_TOKEN" \
  --url "https://api.endorlabs.com/v1/namespaces/$ENDOR_NAMESPACE/findings?list_parameters.mask=meta.description,spec.level"
@baseUrl = https://api.endorlabs.com
@token = <insert-access-token>
@namespace = <insert-namespace>

###
GET {{baseUrl}}/v1/namespaces/{{namespace}}/findings?list_parameters.mask=meta.description,spec.level HTTP/1.1
Authorization: Bearer {{token}}

jq

The Endor Labs REST API returns results in json format so it is often convenient to use the jq command-line json processor to parse or format the results.

The following example shows how to use jq to extract just the description value from the above request:

endorctl api list --resource Finding \
  --field-mask "meta.description,spec.level" \
  | jq '.list.objects[].meta.description'
curl --get \
  --header "Authorization: Bearer $ENDOR_TOKEN" \
  --url "https://api.endorlabs.com/v1/namespaces/$ENDOR_NAMESPACE/findings?list_parameters.mask=meta.description,spec.level"
  | jq '.list.objects[].meta.description'

For more information, see the jq documentation.