Generate Due Diligence Report

Xray REST APIs

Products
JFrog Xray
Content Type
REST API
ft:sourceType
Paligo

Description: Generates a Due Diligence report with data defined by scope and filters. This request starts the report generation process which runs in the background. The returned report ID is used in other requests that require it such as Get Report Content, Delete Report, etc.

Since: 3.9

Security: Requires a user with the Manage Reports role.

Notes: For Xray version 3.21.2 and above with Projects, a Project Admin with Manage Security Assets privilege can generate a Due Diligence report using this REST API in the scope of a project, by using the additional query parameter projectKey.

Usage: POST api/v1/reports/licenses

Sample Request

{
    "name": "report1",
    "resources": {
        "repositories": [
            {
                "name": "libs-release-local"
            },
            {
                "name": "plugins-release-local",
                "include_path_patterns": [
                    "*folder1/*path"
                ]
            },
            {
                "name": "ext-release-local",
                "include_path_patterns": [
                    "folder1/path/*",
                    "folder2/path*"
                ],
                "exclude_path_patterns": [
                    "folder1/path2/*",
                    "folder2/path2*"
                ]
            }
        ],
        "builds": {
            "names": [
                "art-docker-test",
                "art-docker-prod"
            ],
            "include_patterns": [
                "release*",
                "feat*ure"
            ],
            "exclude_patterns": [
                "snapshots*",
                "test*"
            ],
            "number_of_latest_versions": 5
        },
        "release_bundles": {
            "names": [
                "art-pkg",
                "xray_pkg"
            ],
            "include_patterns": [
                "release*",
                "feat*ure"
            ],
            "exclude_patterns": [
                "snapshots*",
                "test*"
            ],
            "number_of_latest_versions": 5
        },
        "projects": {
            "names": [
                "test1",
                "test2"
            ],
            "include_key_patterns": [
                "test*",
            ],
            "number_of_latest_versions": 5
       }
    },
    "filters": {
        "component": "*gav:component*",
        "artifact": "some://impacted*artifact",
        "unknown": false,

        "unrecognized": true,

       

        "license_names": [

            "Apache",
            "MIT"

            "AFL"
        ],

        "license_patterns": [

            "*Apache*",
            "The Apache*"

            "AFL*"
        ],

        "scan_date": {
            "start": "2020-06-29T12:22:16Z",
            "end": "2020-06-29T12:22:16Z"
        }
    }
}

Sample Response

{
    "report_id": 43,
    "status": "pending"
}

Generate Due Diligence Report in Projects

POST api/v1/reports/licenses?projectkey=<project_key>