Search code examples
buildazure-devopsjfrog-xray

XRay scan does not find any watch when launched from Azure DevOps pipeline

I'm trying to run an xray scan from an Azure DevOps pipeline but even with everything set up, I get

Xray does not have any Watches monitoring this build, or the Watches monitoring this build do not have a CI Integration action defined

I have a pipeline responsible for uploading a nuget package on artifactory. This part works fine, I can package it and publish it on artifactory on my repository with no issue. Then, on a the same build, I'm trying to run an xray scan using the same artifactory endpoint.

I get different errors while configuring the scan task. First it said that the build doesn't exist so I had to declare it on artifatory side, then it said that no build with this name was indexed so I added the build in the indexing setting and then this last error message telling me that no watch exist for that build which makes me think the issue is on Xray side.

(green task are working, red one is failind) pipeline

On Xray side, the build is indexed (error message disappear) and I have several watches, either specifying the build explicitly or all the builds. Each has at least one policy and are enabled as shown on the screenshot. That's why I don't understand how it could not find any matching watch since all builds are linked to the watch

watch

The exact message is the following

C:\hostedtoolcache\windows\jfrog\1.23.1\x64\jfrog.exe rt bs Lovely-Library-CI Lovely-Library-CI-20190505.1 --url="https://bobbob601.jfrog.io/bobbob601/" --user=*** --password=***
========================== Starting Command Output ===========================
##[command]"C:\windows\system32\cmd.exe" /D /E:ON /V:OFF /S /C "CALL "D:\a\_temp\e9fb9321-84e7-4d6b-9674-8e018729a51d.cmd""
The CLI commands require the Artifactory URL and authentication details
Configuring JFrog CLI with these parameters now will save you having to include them as command options.
You can also configure these parameters later using the 'config' command.
[Info] Triggered Xray build scan... The scan may take a few minutes.
[Info] Xray scan completed.
Configure now? (y/n): {
[Error] Xray does not have any Watches monitoring this build, or the Watches monitoring this build do not have a CI Integration action defined.
  "summary": {
    "total_alerts": 0,
    "fail_build": true,
    "message": "Xray does not have any Watches monitoring this build, or the Watches monitoring this build do not have a CI Integration action defined.",
    "more_details_url": ""
  },
  "alerts": [],
  "licenses": []
}

Any idea from where the issue could from or what I am missing ? I triple checked the documentation. tried to call manually xray with the CLI. still the same error

thanks a lot

Solution

  • Thanks to the JFrog support I got the undocumented answer.

    You have for at least one policy, check the option "fail on build". If they are only audit policy, then you get this random message.

    So Xray’s Watches -> -> Settings -> Policy (edit) -> check Fail on Build