Configure your CI Server for Xray Integration

JFrog Security Documentation

ft:sourceType
Paligo

Xray CI/CD integration is supported for Jenkins, Azure DevOps, Bamboo and JFrog CLI.

  • Jenkins: To configure a build job to request a scan, with the Jenkins Artifactory Plug-in (v2.9.0 and above), you need to create a scanConfig instance and and pass it to the xrayScan method in the Jenkins Pipeline.Jenkins Artifactory Plug-in

  • Azure DevOps: To scan build artifacts for vulnerabilities in Azure DevOps, you need to add the Artifactory Xray Scan task after the Artifactory Publish BuildInfo task.Scan ArtifactJFrog Azure DevOps Extension

  • Bamboo: To scan build artifacts for vulnerabilities, with the Bamboo Artifactory Plug-in, you need to add the Artifactory Xray Scan task to your plan. The task should follow a previous task which publishes the build-info to Artifactory.Bamboo Artifactory Plug-inScan Artifact

  • TeamCity: Toscan build artifacts and dependenciesTeamCity Artifactory Plug-infor vulnerabilities with the TeamCity Artifactory Plug-in, you need to enable the Xray scan on build and Fail build options, configured per build.TeamCity Artifactory Plug-in

  • JFrog CLI: To scan build artifacts for vulnerabilities using JFrog CLI, you need to use the jfrog rt scan-build command.CLI for JFrog Xray