Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.endorlabs.com/llms.txt

Use this file to discover all available pages before exploring further.

You can use AI security code review with endorctl and GitHub environment variables without requiring the GitHub App. This approach allows you to integrate AI security code review into your local development workflows. You can use this approach only if you have GitHub as your source control management system. Complete the following tasks to set up AI security code review with endorctl:

Prerequisites to use AI security code review with endorctl

Ensure that the following prerequisites are met before using AI security code review with endorctl:
  • An active Endor Labs subscription with Endor Code Pro license.
  • Access to configure scan profiles and policies
  • Code Segment Embeddings and LLM Processing enabled in Data Privacy settings
  • A GitHub token with appropriate permissions.

Enable Code Segment Embeddings and LLM Processing

Perform the following steps to enable code segment embeddings and LLM processing:
  1. Select Settings from the left sidebar.
  2. Select SYSTEM SETTINGS > Data Privacy. Enable Code Segment Embeddings and LLM Processing
  3. Select Code Segment Embeddings and LLM Processing.
  4. Click Save Data Privacy Settings.

Verify license and feature access

Perform the following steps to verify your license and feature access:
  1. Select Settings > License from the left sidebar.
  2. Verify that you have Security Review in Products and Features.

Set up environment variables

Configure the following environment variables for GitHub integration: 
# Required: SCM token with repo access
export ENDOR_SCAN_SCM_TOKEN=<your-scm-token>

# Required: Endor Labs authentication
export ENDOR_API_CREDENTIALS_KEY=<your-api-key>
export ENDOR_API_CREDENTIALS_SECRET=<your-api-secret>
export ENDOR_NAMESPACE=<your-namespace>

Pull request scan with AI security code review

To scan a pull request with AI security code review, fetch the pull request branch locally and checkout the branch. 
git fetch origin pull/<PR_NUMBER>/head:pr-<PR_NUMBER>
git checkout pr-<PR_NUMBER>
For example, to scan pull request 12, you need to run the following commands. 
git fetch origin pull/12/head:pr-12
git checkout pr-12
After you have fetched and checked out the pull request branch, you can run the following command to scan the pull request with AI security code review. 
endorctl scan \
  -n <namespace> \
  --pr \
  --security-review \
  --scm-pr-id <PR_NUMBER> \
  --scm-token $ENDOR_SCAN_SCM_TOKEN \
  --enable-pr-comments
The following table describes the flags used in the command.