Introduction
Architecture
Onboard
Introduction
Users
Teams
Introduction
IntroductionPromote an image in Amazon ECRDownload a file from JFrog ArtifactoryMove or copy an image from JFrog ArtifactoryUpload a file to JFrog ArtifactoryRegister a build artifactRegister a deployed environment artifactStore an object on Amazon S3Retrieve an object from Amazon S3
IntroductionCreate or update a functionInvoke a function
IntroductionRun an AWS CodePipelineRun a Bamboo projectRun a Bitbucket pipelineRun a CloudBees CI jobRun a CircleCI workflowRun a GitHub Actions workflowRun a GitLab pipelineRun a Harness pipelineRun a Jenkins® jobRun a JFrog pipelineRun a TeamCity project
Check out a Git repository
IntroductionAWS credentialsECR credentialsEKS credentialsGit global credentialsOCI credentials
IntroductionRun Argo WorkflowsCopy a remote image with CraneDeploy a binary with EC2Deploy to ECSRender an ECS task definitionBuild a container image with KanikoDeploy with OctopusDeploy with SpinnakerRun Ansible PlaybookDeploy with HerokuDeploy with AWS CodeDeployDeploy with AWS Elastic BeanstalkDeploy with Tosca
Publish evidence items
IntroductionHelm chart installHelm chart packageHelm chart publishHelm chart uninstall
IntroductionCreate a Kubernetes namespaceCreate/update a Kubernetes resourceDeploy to a Kubernetes cluster
IntroductionVerify with NewRelic
Execute remote commands via SSH
IntroductionAnchoreAquasecJFrog XraySnyk ContainerSonatype (Nexus) ContainerTrivy
IntroductionStackhawkZAP
IntroductionCheckmarxFind Security BugsGitHub Security ScannerGosecMendNexus IQSnykSonarQube bundledSonarQube
IntroductionBlack DuckMendSnyk
IntroductionTruffleHog ContainerTruffleHog CodeTruffleHog S3
IntroductionCreate a change requestUpdate or close a change requestGet a change request current stateQuery a change request approval
Publish test results
Multi-workflows dispatch
Introduction
Introduction`cloudbees` and other context objectsenvnameonjobs.<job_id>.delegates.<job_id>.env.<job_id>.environment.<job_id>.if.<job_id>.needs.<job_id>.outputs.<job_id>.permissions.<job_id>.services.<job_id>.services.<service_id>.services.<service_id>.args.services.<service_id>.env.services.<service_id>.imagejobs.<job_id>.stepsjobs.<job_id>.steps[*].idjobs.<job_id>.steps[*].envjobs.<job_id>.steps[*].ifjobs.<job_id>.steps[*].namejobs.<job_id>.steps[*].runjobs.<job_id>.steps[*].shelljobs.<job_id>.steps[*].usesjobs.<job_id>.steps[*].withjobs.<job_id>.steps[*].with.argsjobs.<job_id>.steps[*].with.entrypointjobs.<job_id>.steps[*].timeout-minutesjobs.<job_id>.timeout-minutes
An example workflow
Manage workflows
IntroductionManual approval
Personal access tokens
Trigger a workflow remotely
Artifacts
IntroductionJob logsService logsEvidenceTest resultsBuild artifacts
CI insights for Jenkins

Define the service-level agreement

2 minute read

CloudBees platform allows you to define your service-level agreement (SLA), setting the acceptable response window for fixing a vulnerability based on severity. The greater the severity, the faster the response required.

For each severity, response windows (numbered in days) default to the following values:

  • Very High: 15 days.

  • High: 35 days.

  • Medium: 180 days.

  • Low: 360 days.

You can change response windows by defining the SLA. By default, child organizations automatically inherit the SLA of their parent organization.

You must have the Admin role to define the SLA.
SLA configuration
Figure 1. SLA configuration

To define the SLA for the root organization:

  1. From the left sidebar on the Home screen, select SLA configuration from the Security dropdown.

  2. Select Edit from the upper-right.

  3. For each severity, enter the acceptable response window for fixing a vulnerability, numbered in days.

  4. (Optional) Select Prevent override from the upper-left to prevent child organizations from deviating from the SLA configuration. For further information, refer to Overriding SLA inheritance.

  5. Select Save SLA configuration.

Overriding SLA inheritance

By default, child organizations inherit the SLA configuration from the organization above them. A user with the Admin role can override the inherited SLA configuration, to set a different SLA for an organization and its children.

The status of an organization’s SLA inheritance is displayed in the upper-left, beneath SLA configuration:

  • Default: The organization (including the root) is using the default, unchanged SLA configuration.

  • Original: The root organization’s SLA configuration once changed from the default.

  • Inherited: The organization inherits the SLA from its parent organization.

  • Overridden: The organization has overridden its parent organization’s SLA.

sla inheritance status
Figure 2. SLA inheritance status

To override an organization’s SLA inheritance:

  1. Ensure that Prevent override is not selected for the parent organization:

    1. Navigate to the parent organization, then from the left sidebar select SLA configuration from the Security dropdown.

    2. If Prevent override is selected:

      1. Select Edit or Create override from the upper-right.

      2. Deselect Prevent override.

      3. Select Save SLA configuration.

  2. Navigate to the desired organization, then from the left sidebar select SLA configuration from the Security dropdown.

  3. Select Create override from the upper-right.

  4. For each severity, enter the acceptable response window for fixing a vulnerability, numbered in days. The default values are as follows:

    • Very High: 15 days.

    • High: 35 days.

    • Medium: 180 days.

    • Low: 360 days.

  5. (Optional) Select Prevent override from the upper-left to prevent child organizations from deviating from the SLA configuration.

  6. Select Save SLA configuration.

Where a child organization has overridden the SLA, and the parent subsequently prevents overriding, the child organization will revert to inheriting the SLA from its parent. Should the parent later permit overriding again, the child will revert to the previously stored values for its SLA.

SBOM analysis