Build Scan Status

Xray REST APIs

Products
JFrog Xray
Content Type
REST API
ft:sourceType
Paligo

Description: Get the scan status of a build.

Note: Only for builds that are set to be indexed by Xray.

Since: 3.80.9

Applicable Environment: JFrog SaaS,  Self-Hosted

Security: Requires a valid user with the Read permission.

Usage: POST xray/api/v1/build/status

Consumes: application/json

Produces: application/json

Path parameters: None

Query parameters: None

Request Body:

Parameter

Type

Required/Optional

Description

name

string

required

The build name

number

string

required

The build number

project

string

optional

The project key that the build belongs to. When omitted the request for a build from the global (default) scope

Response Body:

Parameter

Type

Description

overall

OverallObj

Overall scan status object

details

DetailsObj

Detailed scan status object

OverallObj:

Parameter

Type

Description

status

string

Overall status of the scan.

Possible values: NOT_SUPPORTED, NOT_SCANNED, PENDING, SCANNING, DONE, PARTIAL, FAILED

time

string

Timestamp in RFC 3339 format of the scan status.

DetailsObj:

Parameter

Type

Description

sca

ScaObj

SCA scan status object

contextual_analysis

ContextualObj

Contextual analysis scan status object

exposures

ExposuresObj

Exposures scan status object

violations

ViolationsObj

Violations scan status object

ScaObj:

Parameter

Type

Description

status

string

Possible values: NOT_SUPPORTED, NOT_SCANNED, PENDING, SCANNING, DONE, PARTIAL, FAILED

time

string

Timestamp in RFC 3339 format of the SCA scan status.

ContextualObj

Parameter

Type

Description

status

string

Possible values: NOT_SUPPORTED, NOT_SCANNED, PENDING, SCANNING, DONE, PARTIAL, FAILED

time

string

Timestamp in RFC 3339 format of the SCA scan status.

ExposuresObj

Parameter

Type

Description

status

string

Possible values: NOT_SUPPORTED, NOT_SCANNED, PENDING, SCANNING, DONE, PARTIAL, FAILED

time

string

Timestamp in RFC 3339 format of the SCA scan status.

categories

ExposuresCategoriesObj

Categories of the exposures scan

ExposuresCategoriesObj

Parameter

Type

Description

iac

CategoryObj

Infrastructure as code status

secrets

CategoryObj

Secrets scan status

services

CategoryObj

Services scan status

applications

CategoryObj

Applications scan status

CategoryObj

Parameter

Type

Description

status

string

Possible values: NOT_SUPPORTED, NOT_SCANNED, PENDING, SCANNING, DONE, PARTIAL, FAILED

time

string

Timestamp in RFC 3339 format of the SCA scan status.

ViolationsObj

Parameter

Type

Description

status

string

Possible values: NOT_SUPPORTED, NOT_SCANNED, PENDING, SCANNING, DONE, PARTIAL, FAILED

time

string

Timestamp in RFC 3339 format of the SCA scan status.

Response Codes

Status Code

Description

200

OK

400

Bad request - Mandatory fields are missing

403

Permission denied

404

Not found

500

Internal server error

Sample Request

{
  "name": "my-build",
  "project": "my-project",
  "number": "1"
}

Successful Response

200 OK

{
    "overall": {
        "status": "DONE",
        "time": "2024-07-09T07:22:05Z"
    },
    "details": {
        "sca": {
            "status": "DONE",
            "time": "2024-07-09T07:22:04Z"
        },
        "contextual_analysis": {
            "status": "DONE",
            "time": "2024-07-09T07:22:04Z"
        },
        "violations": {
            "status": "DONE",
            "time": "2024-07-09T07:22:05Z"
        }
    }
}

Sample Error Response

404 NOT FOUND

{
  "error": "Request payload is invalid as build name: my-build build number: 3 is either not indexed or does not exist"
}