DEV Community

Cover image for JFrog Xray & Microsoft Teams
John Peterson for JFrog

Posted on • Updated on

JFrog Xray & Microsoft Teams

JFrog Xray & Microsoft Teams

More than ever we need to be made aware when security issues arise. JFrog Xray is a great product that brings operational awareness to your software development lifecycle combined together with Microsoft Teams we have the channel of communication we need to ensure our team is always on top of the latest security concerns.

Getting Started

Let's get started by opening up Microsoft Teams. We will need to make a new connector on the channel we want to deliver our messages into. Click on the more options "..." icon to bring up the menu of options for a channel. Select "Connector app" to bring up the popup.

Inside of the Connector popup search for "Incoming Webhooks" and click the "Add" button which will then bring you to the Configure screen shown below.

Enter the name "Xray Webhook" and download and save the Xray image to upload into the new webhook.

Scroll down in the popup after adding the webhook to grab the URL for the incoming webhook

Deploy the integration server

Download the Github repo here

Build the code using Golang

go build

Export environment variable MICROSOFT_TEAM_WEBHOOK with the URL of the incoming webhook

export MICROSOFT_TEAM_WEBHOOK=http://the-incoming-webhook-url

Run the integration server


Grab the hostname/ip address of the machine running the integration server we will use this to supply to Xray webhook in the below format

This is the endpoint to send the messages from Xray. Last stop let's configure Xray to send the outgoing webhook.

Xray Outgoing Webhook

As an admin user, open up JFrog Unified Platform and goto the administration setting shown below for Xray

Click on Webhooks and click on + New Webhook to open the new webhook screen. In this screen give a name and supply the URL of the integration server. Save the new webhook.

The next step is to add the new webhook to an Xray policy as a new rule. This is what will trigger the webhook when new violations are found in a watch associated to this policy. Click on Policies and create a new policy or update an existing one to add a new rule using the webhook as shown below.

That's it! Your done!

Congrats begin to watch the messages flow...

Top comments (0)