Buildkite Onboarding
Prerequisites
- You have Administrator access in Buildkite
- You can create API Access Tokens with read-only permissions
- Outbound HTTPS (443) connections are allowed to app.entro.security
Buildkite Onboarding
Follow these steps to integrate Buildkite with SailPoint Entro using an API Access Token.
Navigation Path: Management → Accounts & Integrations → Add New Account (top right) → Buildkite
-
Log in to Buildkite
-
Click your profile avatar in the top-right corner.
-
Select Personal Settings.
-
-
Create an API Access Token
-
Click API Access Tokens.
-
Select New API Access Token.
-
Choose the relevant Organization for token scope.
-
Grant the token all read permissions only.
-
Set a clear description (for example,
SailPoint Entro Integration). -
Click Create Token and copy it securely.
-
-
Connect to SailPoint Entro
-
In the SailPoint Entro Dashboard, navigate to: Management → Accounts & Integrations → Add New Account → Buildkite
-
Complete the integration form fields:
Field Description Environment Nickname Enter a descriptive name (e.g., CICD-BUILDKITE) Environment Type Select your environment type (e.g., Production) Personal Access Token (PAT) Paste the token generated in Buildkite Worker Group (Connector) Choose the appropriate SailPoint Entro Worker - Click Confirm to validate and establish the integration.
-
Validation and Scanning
Once connected:
-
SailPoint Entro validates the token via Buildkite’s REST API
-
Access is confirmed as read-only
-
SailPoint Entro initiates metadata scanning for builds and pipelines
-
Results appear in your SailPoint Entro Console → Findings section
Security & Compliance Notes
- Tokens are stored encrypted (AES-256) and transmitted via TLS 1.2+
- Integration operates under least-privilege access principles
- No secret values or logs are ever retrieved or stored
- Integration complies with SOC 2 Type II, ISO 27001, and GDPR standards