Codefresh Steps: Reusable Code for Common Operations

This page provides code you can use to perform common operations in the Codefresh CI/CD platform.

Run a Twistlock security scan twistlock

Scan a docker image with the Twistlock security service.

arguments

CODEFRESH_CLI_KEY - https://g.codefresh.io/account/tokens

COMPLIANCE_THRESHOLD - [ low, medium, high ] sets the the minimal severity compliance issue that returns a fail exit code

CONSOLE_HOSTNAME - Twistlock hostname/ip

CONSOLE_PASSWORD - password

CONSOLE_PORT - port

CONSOLE_USERNAME - username

DETAILS - true|false - prints an itemized list of each vulnerability found by the scanner

HASH - hashing algorithm (one of: md5, sha1, sha256)

INCLUDE_PACKAGE_FILES - true|false - List all packages in the image.

ONLY_FIXED - true|false - reports just the vulnerabilites that have fixes available

TLSCACERT - CA Cert if provided TLS will be used

VULNERABILITY_THRESHOLD - [ low, medium, high, critical ] sets the minimal severity vulnerability that returns a fail exit code

    TwistlockScanImage:
  type: twistlock
  arguments:
    TEST_IMAGE: '${{TEST_IMAGE}}'
    CODEFRESH_CLI_KEY: '${{CODEFRESH_CLI_KEY}}'
    CONSOLE_HOSTNAME: '${{CONSOLE_HOSTNAME}}'
    CONSOLE_PORT: '${{CONSOLE_PORT}}'
    CONSOLE_USERNAME: '${{CONSOLE_USERNAME}}'
    CONSOLE_PASSWORD: '${{CONSOLE_PASSWORD}}'
    COMPLIANCE_THRESHOLD: '${{COMPLIANCE_THRESHOLD}}'
    VULNERABILITY_THRESHOLD: '${{VULNERABILITY_THRESHOLD}}'

github.com

Dustin Van Buskirk

Jul 4, 2021

source