XrayScan - Examples

JFrog Pipelines Documentation

Products

JFrog Pipelines

Content Type

User Guide

ft:sourceType

Paligo

The following examples show how to configure a XrayScan step. For more information on XrayScan Pipeline steps, see XrayScan.

Trigger an Xray Scan for Build Name and Number

Triggers an Xray scan for the build name and number provided by an input BuildInfo resource.

This example require a GitHub Integration and an Artifactory Integration or JFrog Platform Access Token Integration .GitHub Integration
The Pipelines DSL for this example is available in t his repository in the JFrog GitHub account.

XrayScan

template: true   # required for local templates
valuesFilePath: ./values.yml

resources:
  - name: app_repo
    type: GitRepo
    configuration:
      gitProvider: {{ .Values.gitIntegration }}                      
      path: {{ .Values.gitRepositoryPath }}    
      branches:
        include: master

  - name: app_buildinfo
    type: BuildInfo
    configuration:
      sourceArtifactory: {{ .Values.artifactoryIntegration }}

  - name: app_promoted_buildinfo
    type: BuildInfo
    configuration:
      sourceArtifactory: {{ .Values.artifactoryIntegration }}

pipelines:
  - name: app_dev_pipeline
    steps:
      - name: app_build
        type: DockerBuild
        configuration:
          affinityGroup: docker_group
          dockerFileLocation: .
          dockerFileName: Dockerfile
          dockerImageName: {{ .Values.artifactoryUrl }}/{{ .Values.sourceRepository }}/{{ .Values.imageName }}  
          dockerImageTag: ${run_number}
          inputResources:
            - name: app_repo
          integrations:
            - name: {{ .Values.artifactoryIntegration }}         
            
      - name: app_push
        type: DockerPush
        configuration:
          affinityGroup: docker_group
          targetRepository: {{ .Values.sourceRepository }}
          integrations:
            - name: {{ .Values.artifactoryIntegration }}                            
          inputSteps:
            - name: app_build

      - name: publish_app_build
        type: PublishBuildInfo
        configuration:
          affinityGroup: docker_group
          inputSteps:
            - name: app_push
          outputResources:
            - name: app_buildinfo
            
      - name: xrayScanStep
        type: XrayScan
        configuration:
          inputResources:
            - name: app_buildinfo

Update Output BuildInfo Resource

Updates an output BuildInfo resource that can be used as an input to future steps. Using an output resource means that you can be sure that those versions have been scanned when using that resource as an input.

XrayScan

pipelines: 
  - name: xrayScanPipeline
    steps:
      - name: xrayScanStep
        type: XrayScan
        configuration:
          inputResources:
            - name: inputBuildInfo
          outputResources:
            - name: outputBuildInfo