Create Ignore Rule

Description: Create an Ignore Rule.

Since: 3.11

Security: Requires a valid user with the "Manage Watches" permission.

Notes: For Xray version 3.21.2 and above with Projects, a Project Admin with the Manage Assets privilege can create Ignore Rules using this REST API in the scope of a project, by using the additional query parameter projectKey. Wildcards are not supported for artifact names.

Usage: POST /api/v1/ignore_rules

Parameters:

"vulnerabilities"/"licenses"/"cves"/"policies"/"watches"/"docker-layers" - []string

Example Format

["Value 1", "Value 2", ...]

"release-bundles"/"builds"/"components" - []{name(string), version(string)} (name is mandatory)

Example Format

[{"name": "test", "version": "number"}, ...]

"artifacts" - []{name(string), version(string), path(string)} (name is mandatory)

Example Format

[{"name": "test", "version": "number", "path": "path"}, ...]

"operational_risk" - []string

Note: Only 'Any' is supported for this parameter

Example Format

["any"]

Functionality level: Filters

Objective: "vulnerabilities", "licenses", "cves", "operational_risk", "exposures"

Scope: "policies", "watches"

Source: "builds", "release-bundles", "docker-layers", "artifacts", "components"

Ignore filters:

Sample Request

{
    "notes": "ignore any license for any version of alpine for the base layer within all 'myApp' builds",
    "ignore_filters": {
        "licenses":[
            "any"
        ],
        "builds": [
            {
                "name":"myApp"
            }
        ],
        "components": [
            {
                "name":"docker://alpine"
            }
        ],
        "docker-layers": [
            "0503825856099e6adb39c8297af09547f69684b7016b7f3680ed801aa310baaa"
        ]
    }
}

Sample Request

{
    "notes": "ignore 'CVE-2016-2168' when watch is 'tstWatch'",
    "ignore_filters": {
        "cves":[
            "CVE-2016-2168"
        ],
        "watches":[
            "tstWatch"
        ]
    }
}

Sample Request

{
    "notes": "ignore 'CVE-2016-2168' until the expiration date set",
    "expires_at": "2020-06-29T00:00:00Z",
    "ignore_filters": {
        "cves":[
            "CVE-2016-2168"
        ],
        "watches":[
            "tstWatch"
        ]
    }
}

Sample Request

{
    "notes": "ignore 'XRAY-12345' for component 'rpm://juice' of version '6.0.0'",
    "ignore_filters": {
        "vulnerabilities":[
            "XRAY-12345"
        ],
        "components":[
            {
                "name":"rpm://juice",
                "version":"6.0.0"
            }
        ]
    }
}

Sample Request

{
    "notes": "ignore any violation for 'tstRB' release-bundle",
    "ignore_filters": {
        "vulnerabilities":[
            "any"
        ],
        "licenses":[
            "any"
        ],
        "release-bundles":[
            {
                "name":"tstRB"
            }
        ]
    }
}

Sample Request

{
    "notes": "ignore any violation for 'gav://dev' artifact only under repo 'devRepo' when violation sources are any version of 'go://gosu' or 'rpm://juice'",
    "ignore_filters": {
        "vulnerabilities":[
            "any"
        ],
        "licenses":[
            "any"
        ],
        "artifacts":[
            {
                "name":"gav://dev",
                "path":"devRepo/"
            }
        ],
        "components":[
            {
                "name":"go://gosu"
            },
            {
                "name":"rpm://juice"
            }
        ]
    }
}

Sample Request

{
    "notes": "string",
    "ignore_filters": {
        "vulnerabilities": [
            "any"
        ],
        "licenses": [
            "any"
        ],
        "artifacts": [
            {"name": "docker://redis", "version": "any", "path": "/testRepo"}
        ]
    }
}

Operational Risk Sample Request

{
    "notes": "ignore Operational Risk violations for artifact 'gav://org.jfrog.ignored:ignored-core' of version '2.0.0'",
    "ignore_filters": {
        "operational_risk":[
            "any"
        ],
        "artifacts":[
            {
                "name":"gav://org.jfrog.ignored:ignored-core",
                "version":"2.0.0"
            }
        ]
    }
}

Sample Response

successfully added ignore rule with id: {id}

Projects Filter:

Note: Add the project field to the builds filter. A build without a project is referred to as a Global Build.

{
    "notes": "ignore any license for any version of alpine for the base layer within all 'myApp' builds",
    "ignore_filters": {
        "licenses":[
            "any"
        ],
        "builds": [
            {
                "name":"myApp", "project":"projA"
            }
        ],
        "components": [
            {
                "name":"docker://alpine"
            }
        ],
        "projects": [
            "projA",
            "projB"
        ]
    }
}

Exposures Sample Request 1

Ignore exposures by category on a given path within the artifact.

{
    "notes": "path /etc/envoy/req.sw.envoy.admin-localhost.yaml",
    "ignore_filters": {
        "exposures": {
            "categories": [
                "secrets",
                "services"
            ],
            "file_path": [
                "/etc/envoy/req.sw.envoy.admin-localhost.yaml"
            ]
        }
    }
}

Exposures Sample Response 1

{
    "info": "Successfully added Ignore rule with id: 269c3872-4735-4244-4886-17ae1dc5fcd6"
}

Exposures Sample Request 2

Ignore exposures by scanner on a given path within the artifact.

{
    "notes": "path /etc/envoy/req.sw.envoy.admin-localhost.yaml",
    "ignore_filters": {
        "exposures": {
            "scanners": [
                "EXP-12345"
            ],
            "file_path": [
                "/etc/envoy/req.sw.envoy.admin-localhost.yaml"
            ]
        }
    }
}

Exposures Sample Response 2

{
    "info": "Successfully added Ignore rule with id: 45f570bb-15f9-4370-4414-5f13aa6387d1"
}

Response Codes:

201 - successfully created ignore rule id: {ignore_rule_id}

500 - Failed to create ignore rule

400 - Parsing/validation error

401 - Unauthorized

403 - Forbidden

415 - Unsupported media type
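
The constraints this reference states (a mandatory name for builds, release bundles, components and artifacts, no wildcards in artifact names, only 'any' for operational_risk) can be checked before the POST, so a bad rule is caught in review instead of coming back as a 400. The following is an added example, not JFrog code; the function name, treating `*` as the wildcard character, and the two "policy" findings (a blanket 'any' rule must carry a scope or source filter and an expires_at) are assumptions of this example, not Xray requirements.

```python
# Added example, not JFrog code. Assumption: '*' is the wildcard character.
STRING_LISTS = {"vulnerabilities", "licenses", "cves", "policies", "watches",
                "docker-layers", "operational_risk", "projects"}
NAMED_OBJECTS = {"release-bundles", "builds", "components", "artifacts"}
BLANKET_KEYS = ("vulnerabilities", "licenses", "cves", "operational_risk")
NARROWING = NAMED_OBJECTS | {"policies", "watches", "docker-layers"}


def lint_ignore_rule(payload):
    """Return a list of findings; an empty list means the payload passed."""
    findings = []
    filters = payload.get("ignore_filters")
    if not isinstance(filters, dict) or not filters:
        return ["ignore_filters must be a non-empty object"]
    for key, value in filters.items():
        if key in STRING_LISTS:
            if not (isinstance(value, list) and all(isinstance(v, str) for v in value)):
                findings.append(f"{key}: expected a list of strings")
        elif key in NAMED_OBJECTS:
            for item in value if isinstance(value, list) else [None]:
                if not isinstance(item, dict) or not item.get("name"):
                    findings.append(f"{key}: every entry needs a 'name'")
                elif key == "artifacts" and "*" in item["name"]:
                    findings.append("artifacts: wildcards are not supported in names")
        elif key == "exposures":
            if not isinstance(value, dict):
                findings.append("exposures: expected an object")
        else:
            findings.append(f"{key}: filter not listed in the reference")
    risk = filters.get("operational_risk", [])
    if isinstance(risk, list) and any(str(v).lower() != "any" for v in risk):
        findings.append("operational_risk: only 'any' is supported")
    # Local policy (assumption, not an Xray rule): blanket rules need bounds.
    blanket = any(isinstance(filters.get(k), list) and "any" in filters[k]
                  for k in BLANKET_KEYS)
    if blanket and not NARROWING.intersection(filters):
        findings.append("policy: 'any' objective with no scope or source filter")
    if blanket and not payload.get("expires_at"):
        findings.append("policy: 'any' objective without expires_at")
    return findings


# Constructed sample that breaks three of the checks above.
BROAD = {"notes": "constructed", "ignore_filters": {
    "vulnerabilities": ["any"], "operational_risk": ["high"],
    "artifacts": [{"name": "docker://*", "version": "any"}]}}
# The page's expiring CVE rule, which passes.
SCOPED = {"notes": "from the page", "expires_at": "2020-06-29T00:00:00Z",
          "ignore_filters": {"cves": ["CVE-2016-2168"], "watches": ["tstWatch"]}}
```

Running the lint in the pipeline that submits ignore rules gives reviewers a record of every blanket suppression before it reaches Xray.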