CI/CD tools
Endor Labs automatically discovers and identifies the CI/CD tools used in your organization based on your source code and source code management system configuration, giving you insight into your software development environment posture.
Scan for CI/CD tools
If you are using the GitHub App, CI/CD tools discovery is automatic. If you want to scan a particular repository for CI/CD tools, make sure that you are authenticated and then run the command:
endorctl scan --path=/path/to/your/repo --tools
Note
To include GitHub application data, you must also set the--github
flag and provide a GitHub token with read:org
access.
View the CI/CD tools detected
To view the CI/CD tool coverage in all projects:
- Sign in to Endor Labs and select CI/CD > Tools from the left sidebar.
- Use Search to find specific projects.
- Use Tool Categories to filter results by tool category.
- Use Tools to filter results by tool name.
- Click Settings (gear icon) in the top-right corner of the table to configure which columns you want to see.
- Select a project to navigate to the Tools section for the specific project, where you can view details and evidence of how the tool is used in the project.
- Select a row to view the details of the corresponding tool in the right sidebar.
- Tools are identified based on a range of different patterns, from file names and file content, to webhooks and GitHub applications.
View the supported CI/CD tools and patterns used to detect them
To view the patterns that are used to detect the various CI/CD tools:
- Sign in to Endor Labs and select Manage > Policies & Rules from the left sidebar.
- Select the CI/CD RULES to view the list of supported CI/CD tools and the corresponding category mapping.
- Click three vertical dots at the right end of a row and select View Rule to see the tool pattern definition.
Create finding policies for CI/CD tools
See CI/CD finding policies for details on how to create finding policies for CI/CD tools.
Feedback
Was this page helpful?
Thanks for the feedback. Write to us at support@endor.ai to tell us more.
Thanks for the feedback. Write to us at support@endor.ai to tell us more.