Configure scan profile through scanprofile.yaml
You can create a build tool profile for your Endor Labs scans in each repository to specify the build tools to automatically download for each scan.
Create a new file .endorctl/scanprofile.yaml
file in the root directory of your repository and specify the required versions of the tools. You can specify the Operating system, architecture, language, tool, and install information in the scanprofile.yaml file:
The overall structure of a scanprofile.yaml file should look like this:
kind: ToolchainProfile
spec:
os:
<linux|darwin>:
arch:
<amd64|arm64>:
python_tool_chain:
A profile that downloads Python 3.10 and the corresponding PyPI packages to run in a CI environment can look like this:
kind: ToolchainProfile
spec:
os:
linux:
arch:
amd64:
python_tool_chain:
version:
name: "3.10"
urls:
- "https://python310.tar.gz"
sha256_sum: "python310shasum"
pip_packages:
wheel:
name: "1.2.3"
urls:
- "https://wheel123.tar.gz"
- "https://wheel123_backup.targz"
sha256_sum: "wheelshasum"
Feedback
Was this page helpful?
Thanks for the feedback. Write to us at support@endor.ai to tell us more.
Thanks for the feedback. Write to us at support@endor.ai to tell us more.