Global flags and environment variables
Every command-line flag has a corresponding environment variable that can be set instead of the flag, either directly in your environment or in a dedicated configuration file.
See config-path description in Global Flags and Variables and Set environment variables for details.
To set a command-line flag on the endorctl scan command you can specify the flag with a leading -- for full flag names or a leading - for short flag aliases. If applicable, input arguments are specified after the flag and separated from it with either a blank space or a = character. For example, to set the output-type specify --output-type json or -o=json. If the input argument is a list, then the list elements are separated by a , character, for example --languages=go,python.
Global flags and variables
The following Global flags are supported and configurable for any endorctl command:
| Flag | Environment Variable | Type | Description |
|---|---|---|---|
api |
ENDOR_API |
string | Set the API URL for the Endor Labs Application (default https://api.endorlabs.com). |
api-key |
ENDOR_API_CREDENTIALS_KEY |
string | Set the API key used to authenticate with Endor Labs. |
api-secret |
ENDOR_API_CREDENTIALS_SECRET |
string | Set the secret corresponding to the API key used to authenticate with Endor Labs. |
aws-role-arn |
ENDOR_AWS_CREDENTIALS_ROLE_ARN |
string | Set the target role ARN for AWS based authentication. AWS authentication is only enabled if this flag is set. See our AWS Keyless Authentication Docs for details. |
bypass-host-check |
ENDOR_BYPASS_HOST_CHECK |
boolean (default:false) | Bypass the check that verifies that the host machine is correctly set up to use endorctl. |
config-path |
ENDOR_CONFIG_PATH |
string | Set the local file system path to the Endor Labs config directory containing your Endor Labs environment variables. By default, set to $HOME/.endorctl/config.yaml. |
enable-azure-managed-identity |
ENDOR_AZURE_CREDENTIALS_MANAGED_IDENTITY_ENABLE |
boolean (default:false) | Enable keyless authentication using Azure VM managed identity system tokens. |
enable-github-action-token |
ENDOR_GITHUB_ACTION_TOKEN_ENABLE |
boolean (default:false) | Enable keyless authentication using GitHub Action OIDC tokens. See the GitHub documentation on configuring OpenID Connect in cloud providers for details. |
gcp-service-account |
ENDOR_GCP_CREDENTIALS_SERVICE_ACCOUNT |
string | Set the target service account for GCP based authentication. GCP authentication is only enabled if this flag is set. |
log-level |
ENDOR_LOG_LEVEL |
string | Set the log level. Set to debug for debug logs. See also the --verbose flag. |
namespace |
ENDOR_NAMESPACE |
string | Set to the namespace of the project that you are working with. |
token |
ENDOR_TOKEN |
string | Set the authentication token used to authenticate with Endor Labs. |
verbose |
ENDOR_LOG_VERBOSE |
boolean (default:false) | Enable verbose logging. |
version |
Not applicable | Display the endorctl client version. |
|
| Not applicable | ENDOR_JS_ENABLE_TSSERVER |
boolean (default:false) | Set this environment variable to true to view call graphs for JavaScript/TypeScript projects. |
Set endorctl environment variables
To set an environment variable run the following command.
export <environment variable>=<value>
For example to set the environment variable ENDOR_TOKEN to “mytoken” run the following command.
export ENDOR_TOKEN=mytoken
Feedback
Was this page helpful?
Thanks for the feedback. Write to us at support@endor.ai to tell us more.
Thanks for the feedback. Write to us at support@endor.ai to tell us more.