AppTrust Jira Integration
The JFrog AppTrust Jira integration provides automated traceability between your Jira tickets and your AppTrust application versions.
The JFrog AppTrust Jira integration provides automated traceability between your Jira tickets and your AppTrust application versions. After an application version is promoted to a lifecycle stage, AppTrust automatically identifies the Jira tickets associated with the commits in that version, queries their status and history, and attaches a signed evidence object to the application version.
This means your lifecycle policies can permit or block promotions based on real ticket completion data — without any manual evidence collection or linking.
The integration works by scanning the git commit range between the previous and current application version, getting the commits from the GitHub SLSA provenance, extracting Jira ticket keys from commit messages, and enriching each ticket with its current status and transition history directly from the Jira API. The resulting evidence is cryptographically signed by the JFrog Platform and appears as a node in the application version's Content Graph, creating an immutable, auditable record of which Jira tickets were resolved as part of each release.
What’s Next?
Learn how to set up the Jira integration for AppTrust.
