To begin, an initial Frogbot scan must be executed. Scan results can then be viewed under Xray → Scan Results, where it's also possible to configure Git repository scanners. Configuration settings defined in the Frogbot YAML file and environment variables take precedence over any settings applied through the platform.
Configuring Git Repositories
- Navigate to Administration > Xray Settings > Indexed Resources, and select the Git Repositories tab.
- Select one or more Git Repositories.
- From the actions menu, select Configure.
The Scan Configurations pop-up window opens. - Select one or more types of scans you wish to run on the selected Git Repositories:
SCA
Advanced Security:
- Vulnerabilities Contextual Analysis
- IaC
- Secrets
- SAST
(Optional: Exclude Path, using the following format:
**/*(venv,...,.venv)*)(Optional for SAST only: Exclude Rule)
- Click Apply.
The Folder table opens, displaying the:
- Folder names within the Git repository
- Number of folders within each folder
- Last time the folder was scanned
- Configuration source, which may be the Git repository configuration (Inherited) or the folder itself (custom).