CI/CD tools
Endor Labs automatically discovers and identifies the CI/CD tools used in your organization based on your source code and source code management system configuration, giving you insight into your software development environment posture.
Scan for CI/CD tools
If you are using the Github App, CI/CD tools discovery is automatic. If you want to scan a particular repository for CI/CD tools, make sure that you are authenticated and then run the command:
endorctl scan --path=/path/to/your/repo --tools
Note: To include GitHub application data you must also set the
--github
flag and provide a GitHub token with read:org access.
View the CI/CD tools detected
To view the CI/CD tool coverage in all projects:
- Sign in to the Endor Labs application.
- Navigate to CI/CD > Tools on the left sidebar to view the list of all your projects and tools detected, grouped by tool category.
- Use Search to look for specific projects.
- Use Tool Categories to filter the search results by tool category.
- Use Tools to filter the search results by tool name.
- Click on the Settings Gear Icon in the top-right corner of the table to configure which columns you want to see.
- Select a project to navigate to the Tools section for the specific project, where you can view details and evidence of how the tool is used in the project.
- Click on the Drawer Icon at the right end of a row to view the details for the corresponding tool.
- Tools are identified based on a range of different patterns, from file names and file content, to webhooks and GitHub applications.
View the supported CI/CD tools and patterns used to detect them
To view the patterns that are used to detect the various CI/CD tools:
- Sign in to the Endor Labs application.
- Navigate to Policies on the left sidebar.
- Navigate to the CI/CD RULES tab to see the list of supported CI/CD tools and the corresponding category mapping.
- Click on the vertical ellipsis at the right end of a row and select View Rule to see the tool pattern definition.
Create finding policies for CI/CD tools
See CI/CD finding policies for details on how to create finding policies for CI/CD tools.
Feedback
Was this page helpful?
Thanks for the feedback. Write to us at support@endor.ai to tell us more.
Thanks for the feedback. Write to us at support@endor.ai to tell us more.