PagerDuty Integrations

This section describes integrations with PagerDuty.

Artifactory Integration with PagerDuty

PagerDuty is a SaaS-based platform that helps to prevent and resolve business-impacting incidents.

Usually, when making software updates to your binaries and applications, your development teams don’t always have direct access to the metadata surrounding events (example: during the compilation of that code). Getting this information is especially important when you have different teams in charge of different parts of your software delivery pipeline. Our integration with PagerDuty allows this monitoring to take place so your on-call teams can monitor events in real-time.

For a list of supported notifications with PagerDuty integration with Artifactory, see Types of Supported Notifications with Artifactory Integration with PagerDuty.

How it Works

• Users will install the JFrog Artifactory integration application from within the PagerDuty Service Directory and receive a URL to setup the PagerDuty webhook events within JFrog Artifactory.
• JFrog Artifactory will utilize the PagerDuty webhook trigger to send notifications to PagerDuty. Users will be able to configure their webhook events for repositories, builds, artifact properties, and release bundles within JFrog Artifactory and associate these events with the PagerDuty webhook trigger.
• Once the webhook is configured within JFrog Artifactory, a change event alert will be available within the PagerDuty service whenever an event occurs.
• Artifactory performs a re-check of all selected repositories, builds, artifact properties, and release bundles and any events generated will be sent as a change event to the service in PagerDuty. Events from Artifactory will trigger a new change event on the corresponding PagerDuty service, or group them as alerts into an existing change event.

Configuration Overview

For instructions on how to set up this configuration, see Artifactory Integration with PagerDuty Configuration Overview.

Support

If you need help with this integration, contact [email protected].

Artifactory Integration with PagerDuty Configuration Overview

This topic reviews how to integrate Artifactory with PagerDuty.

Requirements

• PagerDuty integration requires an Admin base role for account authorization. If you do not have this role, please reach out to an Admin or Account Owner within your organization to configure the integration.
• JFrog Artifactory requires an Admin based role with administrative privileges to configure the integration. If you do not have this role, please reach out to an Admin or Account Owner within your organization to configure the integration.

Configuration Overview

To work with the integration:

Setup PagerDuty for Integration with Artifactory

First, if you don’t already have one, you’ll need to register an account with PagerDuty. Then, once logged into PagerDuty, you’ll hover over the People tab to get started. You can refer to the PagerDuty Quick Start Guide for more information regarding each of these pre-steps to setup and associate your recent changes with a service within PagerDuty.

Add the JFrog Integration as New Service for Artifactory Integration with PagerDuty

Add JFrog Artifactory integration to an existing PagerDuty service or create a new service by following the steps below:

1. First, you’ll need to create a new service. Navigate to Services > Service Directory and click +New Service.

2. On the next screen, give your new service a name.

   

3. After you get to step 4, search for “jfrog” and select JFrog Artifactory Notifications. You’ll then click on the Create Service button.

   

4. You’ll now see the following information. Copy the Integration URL as you’ll be using it to create your webhooks in the JFrog Platform:

   

5. Once, you have created a service inside PagerDuty, you’ll need to login to your JFrog instance to create webhooks. These webhooks will send event data to PagerDuty an serve as the basis for your alerts.

Setup Webhooks in JFrog Artifactory for Integration with PagerDuty

1. First, please login to your JFrog Platform instance.

   

2. Under the administration panel, click on General > Webhooks. Next, select + New Webhook from the top-right corner.

   

3. Next, provide a name to your new webhook. After providing the name, please copy the Integration URL from PagerDuty and paste it where it says URL here.

   

4. Then, select the types of events to include. In this example, we’re creating a Build webhook notification.

   

5. Now, select the repositories to include in this webhook notification.

   

6. Hit Save.

7. At the bottom of the main screen, you can Test the notification, by selecting the Test button.

   This will send your webhook event to your PagerDuty integration.

8. After you have tested your webhook, hit Create and you’re done.

9. Once you have tested and finish creating your webhooks, you can see them as recent changes in PagerDuty:

   

Types of Supported Notifications with Artifactory Integration with PagerDuty

All notifications are based on webhook events in the JFrog Platform. The currently supported notifications include:

Uninstall Artifactory Integration with PagerDuty

1. Find the integration to delete by navigating to Services and selecting Service Directory.
2. Select the service with your integration and navigate to Integrations tab.
3. Navigate to the integration by clicking on the integration name (JFrog Artifactory Notifications).
4. Click on the Delete Integration button on the top right corner.

Xray Integration with PagerDuty

PagerDuty integration with JFrog enables you to manage security and compliance proactively across the software development and release lifecycle. This integration allows you to receive early notifications within PagerDuty on vulnerabilities and compliance violations impacting artifacts, builds and components before production release.

❗️

Important

This integration was updated on July 12 2023 with the following improvements.

• Summarized Notifications - Instead of getting hundreds of notifications from JFrog Xray, you get a much shorter list of notifications summarized by severity.
• Link to the Scan Results page in JFrog Xray Included in your PagerDuty event - This is where you can check details of each vulnerability, CVE etc.

Benefits

• Proactively manage security and compliance across the software development and release lifecycle. Receive early notifications within PagerDuty on vulnerabilities and compliance violations impacting artifacts, builds and components before releasing to production.
• Customize notifications - Configure granular policies within JFrog Xray based on type of violation, severity, and receive notifications on repositories, builds or release bundles of interest.
• Summarized notifications for easy consumption - Receive a summary of Xray watch issues by severity as well as the link to the watch scan results as a PagerDuty event.

How it Works

• Users will install the JFrog Xray integration application from within the PagerDuty Service Directory and receive a URL to setup the PagerDuty webhook within JFrog Xray
• JFrog Xray will utilize the PagerDuty webhook trigger to send notifications to PagerDuty. Users will be able to configure their rules and set up watch policies for repositories, builds and release bundles within JFrog Xray and associate these rules with the PagerDuty webhook trigger.
• Once the webhook is configured within JFrog Xray, an incident will be sent to the PagerDuty service whenever security or license violation occurs.
• Xray performs a recheck of all watched resources and any found violations will send an event to a service in PagerDuty. Events from Xray will trigger a new incident on the corresponding PagerDuty service, or group as alerts into an existing incident.

Support

If you need help with this integration, contact [email protected].

Xray Integration with Pager Duty Service Configuration Overview

This topic reviews how to integrate Xray with PagerDuty Service.

To configure the integration, you must first have a PagerDuty account setup. Next, follow the instructions below or watch the video to understand how to finish the integration.

Requirements

• PagerDuty integration requires an admin base role for account authorization. If you do not have this role, please reach out to an Admin or Account Owner within your organization to configure the integration.
• JFrog Xray requires an Admin based role with administrative privileges to configure the integration. If you do not have this role, please reach out to an Admin or Account Owner within your organization to configure the integration.

For information available with PagerDuty integration for Xray, see Available Information in PagerDuty with Xray Integration

Configuration Overview

Add JFrog Xray integration to an existing PagerDuty service or create a new service by doing the following:

Integrate Xray with a PagerDuty Service

1. From the Configuration menu, select Services.

2. There are two ways to add an integration to a service:

   • If you are adding your integration to an existing service: Click the name of the service you want to add the integration to. Then, select the Integrations tab and click the New Integration button.
   • If you are creating a new service for your integration: Please read our documentation in section Configuring Services and Integrations and follow the steps outlined in the Create a New Service section, selecting JFrog Xray + PagerDuty Notifications as the Integration Type in step 4. Continue with the In JFrog Xray Setup section (below) once you have finished these steps.

3. Enter an Integration Name in the format JFrog and select JFrog Xray + PagerDuty Notifications from the Integration Type menu.

4. Click the Add Integration button to save your new integration. You will be redirected to the Integrations tab for your service.

5. An Integration Key will be generated on this screen. Click on the integration name next to the integration key and copy the integration URL in a safe place as it will be used when you configure the integration with JFrog Xray + PagerDuty Notifications in the next section.

   

Configure JFrog Xray for integration with PagerDuty

1. Navigate to Xray Security & Compliance in JFrog Platform’s Administration section and click on it

   

2. Click on Webhooks in the General tile

3. Create a new webhook for pagerduty

   

4. Enter Webhook Name

5. Enter URL (URL is the Events API endpoint from pagerduty) e.g., https://events.pagerduty.com/integration/integration_id/enqueue

6. Click Save

7. Navigate to Security and Compliance in JFrog Platform’s Application section and select Policies

   

8. Next, specify the policy name and select security from the dropdown list below policy name

   

9. Next, create a new rule for the policy by clicking on the New Rule to the right

   

10. Enter a rule name

11. In the criteria section, select the minimal severity or the cvss score. Violations in Xray are filtered based on this criteria and sent to pagerduty

12. In the Automatic Actions section, select Trigger Webhook checkbox and select the webhook that you created above for pagerduty

13. Click on Save

    

14. A policy rule is created with the rule name sepecified in Step10

15. Click create to create a policy with name specified in Step8

16. Navigate to watches in the Security and Compliance section on the left

    

17. Create a new watch or edit an existing watch

18. In order to create a new watch, click on the New Watch present at the top right corner of the screen

19. Enter the name and description of the watch

20. In Manage Resources section, click on Add repositories or Add Builds or Add Bundles and then include the resource that you want to watch from the available resources and click Save

21. In the Assigned policies section, Click on Manage policies towards the right and include the policy created in Step15 and click Save

22. Click Save to save the watch

23. You’ll see the watch in the list of watches

24. To manually trigger a watch, click on the play button and this will start sending any violations related to the watch to pagerduty

    

Available Information in PagerDuty with Xray Integration

Once you have setup using the walkthrough below, the following metadata will become available in PagerDuty:

Uninstall the PagerDuty Integration with Xray

1. Find the integration to delete by navigating to Services and selecting Service Directory
2. Select the service with your integration and navigate to Integrations tab
3. Navigate to the integration by clicking on the integration name (JFrog Xray + PagerDuty Notifications)
4. Click on the Delete Integration button on the top right corner

Pipelines Integration with PagerDuty

PagerDuty integration with JFrog enables you monitor your software release pipeline in real-time, receive up-to-date notifications within PagerDuty about the progress of your builds throughout the various stages in your continuous integration and continuous deployment pipeline. This allows you to respond quickly to build failures and to receive actionable, granular information about a particular pipeline step.

Benefits

• Monitor your software release pipeline in real-time. Receive up-to-date notifications within PagerDuty about the progress of your builds throughout the various stages in your continuous integration and continuous deployment pipeline.
• Respond quickly to build failures. Receive actionable, granular information about a particular pipeline step, including its status, name, type, and other details to respond quickly to builds that are failing or taking too long to complete

How it Works

• JFrog Pipeline will send notifications by calling PagerDuty’s Events API.
• PagerDuty users will be able to register the JFrog Pipeline integration application within their developer platform and set up the event integration. Once the setup is complete, JFrog Pipelines will use the Events API to push notifications containing build status information.

Support

If you need help with this integration, contact [email protected].

Pipelines Integration with PagerDuty Configuration Overview

This topic reviews how to integrate PagerDuty with Pipelines.

Requirements

• PagerDuty integration requires an admin base role for account authorization. If you do not have this role, please reach out to an Admin or Account Owner within your organization to configure the integration.
• JFrog Platform with Pipelines installed with a PagerDuty Pipelines Integration configured.

Configuration Overview

To work with the integration, do the following:

Integrate Pipelines with a PagerDuty Service

Add JFrog Pipelines integration to an existing PagerDuty service or create a new service with the following the steps.

1. From the Configuration menu, select Services.

2. There are two ways to add an integration to a service:

   • If you are adding your integration to an existing service: Click the name of the service you want to add the integration to. Then, select the Integrations tab and click the New Integration button.
   • If you are creating a new service for your integration: Please read our documentation in section Configuring Services and Integrations and follow the steps outlined in the Create a New Service section, selecting JFrog Pipelines Changes as the Integration Type in step 4. Continue with the In JFrog Pipelines Setup section (below) once you have finished these steps.

3. Enter an Integration Name in the format JFrog and select JFrog Pipelines + PagerDuty Notifications from the Integration Type menu.

4. Click the Add Integration button to save your new integration. You will be redirected to the Integrations tab for your service.

5. An Integration Key will be on this screen. This is the key that is called service integration/routing key when configuring the UI in pipelines. This confusion is inherited from the inconsistencies in the PagerDuty api docs

   

Create a Pipelines Integration for PagerDuty

Add JFrog Pipelines integration to an existing PagerDuty service or create a new service with the following steps.

1. Open your JFrog Platform with Pipelines and click on the Adminstration gears in the left menu. Click on the Pipelines menu item and then click on the sub-tab Integrations.

2. Click the + Add an Integration link on the top right.

3. Select PagerDuty Events for the integration type

   

4. Enter a name for this integration which will be used in the pipeline yaml. ex: MyPagerDutyIntegration

5. Enter the Pagerduty Integration Key created in prior steps.

6. Click Create.

Create a Pipelines Build YAML for Integration with PagerDuty

1. Create a new git repository or use an existing repository to save a new file pipeline.yaml
2. Create a new Pipelines integration for your SCM provider. Visit the official documentation.
3. Create a new pipeline YAML definition that uses the new PagerDuty Events integration above to send build notifications to PagerDuty.
4. Replace <MyPagerDutyIntegration> with the name of the Pipelines integration for Pagerduty

resources:
  - name: pagerDutyGitRepo
    type: GitRepo
    configuration:
      gitProvider: MyGithubIntegration
      path: jfrog/jfrog-pipelines-example
pipelines:
  - name: pipeline_pagerduty_example
    steps:
      - name: pagerduty_example_step
        type: Bash
        configuration:
         integrations:
           - name: <MyPagerDutyIntegration>
          inputResources:
            - name: pagerDutyGitRepo
        execution:
          onExecute:
           - send_notification <MyPagerDutyIntegration> --text "<Your message>"

Commit the pipeline yaml to your SCM provider and then follow the official steps on adding a pipeline.

Run a Pipelines Build with PagerDuty Integration

1. Click the JFrog Pipeline tab My Pipelines.

2. Select the Pipeline you have synced .

3. Click the Pipeline tile and click the Trigger this step button

   

   .

Or follow the official steps on all the ways of how to trigger a JFrog pipelines.

Uninstall Pipelines Integration with PagerDuty

1. Find the integration to delete by navigating to Services and selecting Service Directory.

2. Select the service with your integration and navigate to Integrations tab.

3. Navigate to the integration by clicking on the integration name (JFrog Pipelines + PagerDuty Notifications).

4. Click the Delete Integration button on the top right corner.

5. Remove any PagerDuty Pipelines in the Pipelines Sources tab of JFrog Pipelines by clicking the Delete button shown below.

   

   .