search

jfrog / jfrog-cli

JFrog CLI is a client that provides a simple interface that automates access to the JFrog products.
https://www.jfrog.com/confluence/display/CLI/JFrog+CLI
Apache License 2.0
521 stars 223 forks source link

jfrog xray scan report integration with AzureDevops CLI task #2025

Open vivuu1989 opened 1 year ago

vivuu1989 commented 1 year ago

We are using Azuredevops Jfrog tasks to build our mvn/npm/gradle projects and, using the below jfrog publish buildinfo and scan task to get the violation list. But as part of the same pipeline , we are planning for automated way (either by CLI or Azuredevops task) to create a report in xray by including the pipeline used "source Repo" and the build scope of the same pipeline.

Tried the XRAY api options, but failed to to generate it dynamically as part of the pipeline with these dynamic scopes.

  - task: JFrogPublishBuildInfo@1
    name: publishBInfo
    displayName: 'Publish Build Info to JFrog'
    condition: succeeded()
    inputs:
      artifactoryConnection: 'myserviceconnection'
      buildName: '$(Build.DefinitionName)'
      buildNumber: '$(Build.BuildNumber)'

  - task: JFrogBuildScan@1
    enabled: false
    name: xrayScan
    displayName: 'Security Scan'
    condition: succeeded()
    inputs:
      xrayConnection: 'myserviceconnection'
      buildName: '$(Build.DefinitionName)'
      buildNumber: '$(Build.BuildNumber)'
      allowFailBuild: true
      vuln: true
vivuu1989 commented 1 year ago

Any guidance please