- api: Interact with the Endor Labs API.
- completion: Generate a command completion script for a specified command shell.
- container: Scan and operate on container images.
- help: Get command help for endorctl.
- host-check: Verify if your system is ready to perform a scan.
- ignore: Add findings to the ignore file.
- init: Authenticate to Endor Labs from a workstation with an external identity provider.
- recommend: Suggest dependency updates that address issues across your environment.
- sbom: Import or export SBOMs to or from Endor Labs.
- sbom export: Export an SBOM for a software package from Endor Labs.
- sbom import: Import SBOMs to Endor Labs.
- scan: Perform scans against a repository.
- artifact sign: Sign and verify container images and build artifacts.
- sync-org: Sync all projects in a GitHub organization to Endor Labs.
- toolchains: Detect tools in your repository, create a scan profile, or generate a Dockerfile.
- validate: Validate policies and ignore files.
- validate ignore: Validate a YAML ignore file.
- validate policy: Validate policies.
Commands
Learn more about the available endorctl commands
The following commands are available in endorctl: