Example 5 - Policy with Jira Integration Enabled

JFrog REST APIs

{
    "name": "sec_policy5",
    "description": "This is a security policy",
    "type": "security",
    "rules": [
        {
            "name": "testrule1",
            "criteria": {
                "min_severity": "medium"
            },
            "actions": {
                "webhooks": [
                ],
                "block_download": {
                    "active": true,
                    "unscanned": true
                },
                "block_release_bundle_distribution": true,
                "fail_build": true,
                "notify_deployer": true,
                "notify_watch_recipients": true,
                "create_ticket_enabled":false
            },
            "priority": 1
        }
    ]
}

Operational Risk Sample Response - Setting a minimal risk criteria

{
    "name": "operational_risk_policy_1",
    "description": "Operational Risk policy with minimal risk rule",
    "type": "operational_risk",
    "rules": [
         {
            "name": "op_risk_minimal_risk_rule",
            "criteria": {
                "op_risk_min_risk": "High" // (default), valid values: [Low,Medium,High]
            },
            "actions": {
                 "webhooks": [],
                 "block_download": {
                     "active": true,
                     "unscanned": true
                 },
                 "fail_build": true
             },
             "priority": 1
         }
    ]
}

Operational Risk Sample Response - Setting a custom risk criteria

{
    "name": "operational_risk_policy_2",
    "description": "Operational Risk policy with a custom risk rule",
    "type": "operational_risk",
    "rules": [
         {
            "name": "op_risk_custom_rule",
            "criteria": {
                "op_risk_custom": {
                    "use_and_condition": false, // (default) determines whether ALL defined conditions must be met for the rule to match, or whether any one of them is enough
                    "is_eol": false, // (default) match if the component is defined as 'end of life'
                    "commits_less_than": 10, // match if the number of commits is less than this value, valid values: [10,25,50,100]
                    "newer_versions_greater_than": 5, // match if the number of newer versions is higher than this value, valid values: [1,2,3,4,5]
                    "committers_less_than": 5, // match if the number of committers is less than this value, valid values: [1,2,3,4,5]
                    "release_date_greater_than_months": 5, // match if the time since the release date is greater than this value in months, valid values: [6,12,18,24,30,36]
                    "release_cadence_per_year_less_than": 3, // match if the yearly release cadence is less than this value, valid values: [1,2,3,4,5]
                    "risk": "Low" // (default) if the rule is matched, produce a violation with this risk value, valid values: [Low,Medium,High]
                }
            },
            "actions": {
                 "webhooks": [],
                 "block_download": {
                     "active": true,
                     "unscanned": true
                 },
                 "fail_build": true
             },
             "priority": 1
         }
    ]
}

Response Codes:

200: Success - Policy created

{
    "info": "Policy {pName} has been created successfully"
}

400 - One or more fields are missing/invalid

409 - Policy {pName} already exists

500 - Failed to create policy