Perform scans in CI pipelines

Learn how to implement Endor Labs across CI pipelines.

endorctl is a command line utility designed to bring the functionality of Endor Labs into your software delivery workflows.endorctl has several command flags to help you facilitate operational and security risk monitoring. Developers can integrate Endor Labs into Continuous Integration Workflows using the endorctl scan.

  • endorctl scan - You can use endorctl scan to monitor your projects using Endor Labs, and you can update the scan information each time to keep monitoring the project for new findings. The endorctl scan command will scan a specific version of your repository, such as the default branch, a tagged release version, or a commit SHA.
  • endorctl scan --pr - You can use the endorctl scan --pr command to scan a specific version of your source code for security and operational risks as part of your continuous integration workflows or CI runs. The endorctl scan --pr command performs a one-time evaluation of your project, focusing on security and operational risks, rather than providing continuous monitoring. CI runs are shown in the Scan History section of each project and are stored for 30 days so that you can analyze and review them on the Endor Labs user interface.

Any continuous integration workflows generally run using the endorctl scan --pr command unless a scan is run on a created tag release, a push to the default or specific branch, or a commit SHA that will be deployed to production.

Authenticating in CI with Keyless Authentication

Keyless Authentication enhances security and minimizes the expenses associated with secret rotation. Keyless authentication is Endor Labs recommended path to scan your projects in the CI workflows. See Keyless Authentication for details.

Configuring GitHub Actions workflows with Endor Labs

GitHub Actions is a continuous integration and continuous delivery (CI/CD) platform that allows you to automate your build, test, and deployment pipeline. See the Endor Labs Configuring GitHub Actions workflows. for details.

Configuring GitLab CI/CD pipelines with Endor Labs

GitLab CI/CD pipelines are a part of GitLab’s integrated continuous integration and deployment features. They allow you to define and automate the different stages and tasks in your software development workflow. See the Endor Labs Configuring GitLab CI/CD for details.


Set up keyless authentication

Learn how to implement keyless authentication for CI environments.

Scanning with GitHub Actions

Learn how to implement Endor Labs in GitHub action workflows.

Scanning in Bitbucket Pipelines

Learn how to implement Endor Labs in a Bitbucket pipeline.

Scanning in GitLab Pipelines

Learn how to implement Endor Labs across a GitLab CI pipeline.

Scanning with CircleCI

Learn how to implement Endor Labs in a CircleCI pipeline.

Scanning with Google Cloud Build

Learn how to implement Endor Labs with Google Cloud Build.

Scanning with Jenkins

Learn how to implement Endor Labs in a Jenkins pipeline.

Scanning in Azure Pipelines

Learn how to implement Endor Labs in an Azure Pipeline.