Webhooks Pipeline Integration
You can configure source control systems to notify OX using a webhook on relevant events. Webhooks can be set up once for each group or project.
This method is useful for customers managing many repositories or using UI-driven CI/CD.
Webhook settings control how OX interacts with your source control system to report scan statuses and trigger scans automatically.
These settings define whether OX sends status updates, such as scan started/finished, back to the platform, and which branch events trigger scans.
To set webhooks:
Go to the Applications page and select the applications in which you want to apply pipeline scan.
Click the Pipeline Settings icon at the top.
In the Webhooks section of the Pipelines dialog, perform webhook configuration by source control platform, as follows:
For GitLab Webhooks integration, enable GitLab Commit Status and Merge Request Notes Reporting.
For GitHub App integration, enable GitHub Checks.
For Bitbucket App integration, enable Bitbucket Code Insights and Build Status Reporting.
Define which branches and events to monitor. You can use default options (e.g.,
main,protected) or patterns likerelease-*.
Branch Event Types to Scan
Specifies the types of branch events (Push, Pull Request) that trigger scans.
Choose Pull Request for protected/default branches. Customize for others as needed.
Branch Filters (Name Patterns)
Define naming patterns for branches to include in scan events. You can use wildcard (*) to include multiple branches with similar naming.
Use this to scan custom branch types, e.g., release-* or feature-*.
Select SAVE.
Last updated