Xray CI/CD integration is supported for Jenkins, Azure DevOps, Bamboo and JFrog CLI.
Jenkins: To configure a build job to request a scan, with the Jenkins Artifactory Plug-in (v2.9.0 and above), you need to create a
scanConfig
instance and and pass it to thexrayScan
method in the Jenkins Pipeline.Azure DevOps: To scan build artifacts for vulnerabilities in Azure DevOps, you need to add the Artifactory Xray Scan task after the Artifactory Publish BuildInfo task.
Bamboo: To scan build artifacts for vulnerabilities, with the Bamboo Artifactory Plug-in, you need to add the Artifactory Xray Scan task to your plan. The task should follow a previous task which publishes the build-info to Artifactory.
TeamCity: Toscan build artifacts and dependenciesfor vulnerabilities with the TeamCity Artifactory Plug-in, you need to enable the Xray scan on build and Fail build options, configured per build.
JFrog CLI: To scan build artifacts for vulnerabilities using JFrog CLI, you need to use the jfrog rt scan-build command.