Description: Create an Ignore Rule.
Since: 3.11
Security: Requires a valid user with the "Manage Watches" permission.
Notes:
For Xray version 3.21.2 and above with Projects, a Project Admin with the Manage Assets privilege can create Ignore Rules using this REST API in the scope of a project, by using the additional query parameter projectKey.
Wildcards are not supported for artifact names.
When using the Create an Ignore Rule REST API, the ignore rule is created but applies only to future scans. It is not automatically applied to existing or past scan results. To apply an ignore rule created via the REST API to past scans, you must manually trigger Apply on Existing Content on the relevant watch or watches.
Usage: POST /xray/api/v1/ignore_rules
Parameters:
“vulnerabilities”/“licenses”/“cves”/“policies”/“watches”/“docker-layers” - []string
Example Format
["Value 1", "Value 2", ...]
“release-bundles”/“builds”/“components” - []{name(string), version(string)} (name is required)
Example Format
[{"name": test, "version": number},...]
“artifacts” - []{name(string), version(string), path(string)} (name is required)
Example Format
[{"name": test, "version": number, "path": path},...]
“operational_risk” - []string
Note: Only ‘Any’ is supported for this parameter
Example Format
["any"]
Functionality level | Objective | Scope | Source |
---|---|---|---|
Filters | | | |
Ignore filters:
Sample Request
{ "notes": "ignore any license for any version of alpine for the base layer within all 'myApp' builds", "ignore_filters": { "licenses":[ "any" ], "builds": [ { "name":"myApp" } ], "components": [ { "name":"docker://alpine" } ], "docker-layers": [ "0503825856099e6adb39c8297af09547f69684b7016b7f3680ed801aa310baaa" ] } }
Sample Request
{ "notes": "ignore 'CVE-2016-2168' when watch is 'tstWatch'", "ignore_filters": { "cves":[ "CVE-2016-2168" ], "watches":[ "tstWatch" ] } }
Sample Request
{ "notes": "ignore 'CVE-2016-2168' until the expiration date set", "expires_at": "2020-06-29T00:00:00Z", "ignore_filters": { "cves":[ "CVE-2016-2168" ], "watches":[ "tstWatch" ] } }
Sample Request
{ "notes": "ignore 'XRAY-12345' for component 'rpm://juice' of version '6.0.0'", "ignore_filters": { "vulnerabilities":[ "XRAY-12345" ], "components":[ { "name":"rpm://juice", "version":"6.0.0" } ] } }
Sample Request
{ "notes": "ignore any violation for 'tstRB' release-bundle", "ignore_filters": { "vulnerabilities":[ "any" ], "licenses":[ "any" ], "release-bundles":[ { "name":"tstRB" } ] } }
Sample Request
{ "notes": "ignore any violation for 'gav://dev' artifact only under repo 'devRepo' when violation sources are any version of 'go://gosu' or 'rpm://juice'", "ignore_filters": { "vulnerabilities":[ "any" ], "licenses":[ "any" ], "artifacts":[ { "name":"gav://dev", "path":"devRepo/" } ], "components":[ { "name":"go://gosu" }, { "name":"rpm://juice" } ] } }
Sample Request
{ "notes": "string", "ignore_filters": { "vulnerabilities": [ "any" ], "licenses": [ "any" ], "artifacts": [ { "name": "docker://redis", "version": "any", "path": "/testRepo" } ] } }
Release Bundle V2 Sample Request
{ "notes" : "ignore vulnerability for specific release bundle V2", "ignore_filters" : { "vulnerabilities" : ["XRAY-93075"], "release_bundles_v2" : [{ "name": "MyBundle", "version": "1.23", "path": "release-bundles-v2" } ] } }
Operational Risk Sample Request
{ "notes": "ignore Operational Risk violations for artifact 'gav://org.jfrog.ignored:ignored-core' of version '2.0.0'", "ignore_filters": { "operational_risk":[ "any" ], "artifacts":[ { "name":"gav://org.jfrog.ignored:ignored-core", "version":"2.0.0" } ] } }
Sample Response
successfully added ignore rule with id: {id}
Projects Filter:
Note: Add the project field to the Builds filter. A Build without a project is referred to as a Global Build.
{ "notes": "ignore any license for any version of alpine for the base layer within all 'myApp' builds", "ignore_filters": { "licenses":[ "any" ], "builds": [ { "name":"myApp", "project":"projA" } ], "components": [ { "name":"docker://alpine" } ], "projects": [ "projA", "projB" ] } }
Exposures Sample Request 1
Ignore exposures by category on a given path within the artifact.
{ "notes": "path /etc/envoy/req.sw.envoy.admin-localhost.yaml", "ignore_filters": { "exposures": { "categories": [ "secrets", "services" ], "file_path": [ "/etc/envoy/req.sw.envoy.admin-localhost.yaml" ] } }}
Exposures Sample Response 1
{ "info": "Successfully added Ignore rule with id: 269c3872-4735-4244-4886-17ae1dc5fcd6"}
Exposures Sample Request 2
Ignore exposures by scanner on a given path within the artifact.
{ "notes": "path /etc/envoy/req.sw.envoy.admin-localhost.yaml", "ignore_filters": { "exposures": { "scanners": [ "EXP-12345" ], "file_path": [ "/etc/envoy/req.sw.envoy.admin-localhost.yaml" ] } }}
Exposures Sample Response 2
{ "info": "Successfully added Ignore rule with id: 45f570bb-15f9-4370-4414-5f13aa6387d1"}
Response Codes:
201 - successfully created ignore rule id: {ignore_rule_id}
500 - Failed to create ignore rule
400 - Parsing/validation error
401 - Unauthorized
403 - Forbidden
415 - Unsupported media type
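The parameter rules and endpoint above, as an added Python example (not JFrog's code): it checks an ignore_filters object against the shapes listed under Parameters and builds the POST request without sending it. The base URL, the bearer-token header, and the treatment of `*` as the wildcard character are assumptions.

```python
import json
import urllib.parse
import urllib.request

# Filter keys and value shapes as listed under "Parameters" on this page.
STRING_LISTS = {"vulnerabilities", "licenses", "cves", "policies",
                "watches", "docker-layers", "operational_risk"}
OBJECT_LISTS = {"release-bundles", "builds", "components", "artifacts"}


def validate_ignore_filters(filters):
    """Return a list of problems; empty means the documented shapes are met."""
    problems = []
    for key, value in filters.items():
        if key not in STRING_LISTS | OBJECT_LISTS:
            continue  # e.g. projects, exposures, release_bundles_v2: not checked here
        if not isinstance(value, list):
            problems.append(f"{key}: must be a list")
        elif key in STRING_LISTS:
            if not all(isinstance(v, str) for v in value):
                problems.append(f"{key}: must contain only strings")
            elif key == "operational_risk" and [v.lower() for v in value] != ["any"]:
                problems.append("operational_risk: only 'any' is supported")
        else:
            for i, item in enumerate(value):
                if not isinstance(item, dict) or not item.get("name"):
                    problems.append(f"{key}[{i}]: 'name' is required")
                elif key == "artifacts" and "*" in item["name"]:
                    # Assumption: '*' is the wildcard character being ruled out.
                    problems.append(f"artifacts[{i}]: wildcards are not supported")
    return problems


def build_request(base_url, token, notes, filters, expires_at=None, project_key=None):
    """Build (but do not send) the POST request; raise ValueError on bad filters."""
    problems = validate_ignore_filters(filters)
    if problems:
        raise ValueError("; ".join(problems))
    body = {"notes": notes, "ignore_filters": filters}
    if expires_at:
        body["expires_at"] = expires_at  # time-box the suppression
    url = base_url.rstrip("/") + "/xray/api/v1/ignore_rules"
    if project_key:
        url += "?projectKey=" + urllib.parse.quote(project_key, safe="")
    return urllib.request.Request(
        url, data=json.dumps(body).encode("utf-8"), method="POST",
        headers={"Content-Type": "application/json",
                 # Assumption: the deployment accepts a bearer access token.
                 "Authorization": "Bearer " + token})
```

Pass the returned object to `urllib.request.urlopen` to submit it; a 201 response means the rule exists but, as noted above, it covers only future scans until Apply on Existing Content is triggered on the watch.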