Set up keyless authentication
Learn how to implement keyless authentication for CI environments.
endorctl
is a command line utility designed to bring the functionality of Endor Labs into your software delivery workflows.endorctl
has several command flags to help you facilitate operational and security risk monitoring. Developers can integrate Endor Labs into Continuous Integration Workflows using the endorctl scan
.
endorctl scan
- You can use endorctl scan to monitor your projects using Endor Labs, and you can update the scan information each time to keep monitoring the project for new findings. The endorctl scan
command will scan a specific version of your repository, such as the default branch, a tagged release version, or a commit SHA.endorctl scan --pr
- You can use the endorctl scan --pr
command to scan a specific version of your source code for security and operational risks as part of your continuous integration workflows or CI runs. The endorctl scan --pr
command performs a one-time evaluation of your project, focusing on security and operational risks, rather than providing continuous monitoring. CI runs are shown in the Scan History section of each project and are stored for 30 days so that you can analyze and review them on the Endor Labs user interface.Any continuous integration workflows generally run using the endorctl scan --pr
command unless a scan is run on a created tag release, a push to the default or specific branch, or a commit SHA that will be deployed to production.
Keyless Authentication enhances security and minimizes the expenses associated with secret rotation. Keyless authentication is Endor Labs recommended path to scan your projects in the CI workflows. See Keyless Authentication for details.
GitHub Actions is a continuous integration and continuous delivery (CI/CD) platform that allows you to automate your build, test, and deployment pipeline. See the Endor Labs Configuring GitHub Actions workflows. for details.
GitLab CI/CD pipelines are a part of GitLab’s integrated continuous integration and deployment features. They allow you to define and automate the different stages and tasks in your software development workflow. See the Endor Labs Configuring GitLab CI/CD for details.
Learn how to implement keyless authentication for CI environments.
Learn how to implement Endor Labs in GitHub action workflows.
Learn how to implement Endor Labs in a Bitbucket pipeline.
Learn how to implement Endor Labs across a GitLab CI pipeline.
Learn how to implement Endor Labs in a CircleCI pipeline.
Learn how to implement Endor Labs with Google Cloud Build.
Learn how to implement Endor Labs in a Jenkins pipeline.
Learn how to implement Endor Labs in an Azure Pipeline.
Was this page helpful?
Thanks for the feedback. Write to us at support@endor.ai to tell us more.
Thanks for the feedback. Write to us at support@endor.ai to tell us more.