twistlock

Execute Twistlock CLI image scan as build step

arguments

  • CODEFRESH_CLI_KEY - https://g.codefresh.io/account/tokens
  • COMPLIANCE_THRESHOLD - [ low, medium, high ] sets the the minimal severity compliance issue that returns a fail exit code
  • CONSOLE_HOSTNAME - Twistlock hostname/ip
  • CONSOLE_PASSWORD - password
  • CONSOLE_PORT - port
  • CONSOLE_USERNAME - username
  • DETAILS - true|false - prints an itemized list of each vulnerability found by the scanner
  • HASH - hashing algorithm (one of: md5, sha1, sha256)
  • INCLUDE_PACKAGE_FILES - true|false - List all packages in the image.
  • ONLY_FIXED - true|false - reports just the vulnerabilites that have fixes available
  • TLSCACERT - CA Cert if provided TLS will be used
  • VULNERABILITY_THRESHOLD - [ low, medium, high, critical ] sets the minimal severity vulnerability that returns a fail exit code
    version: '1.0'
steps:
  TwistlockScanImage:
    type: twistlock
    arguments:
      TEST_IMAGE: '${{TEST_IMAGE}}'
      CODEFRESH_CLI_KEY: '${{CODEFRESH_CLI_KEY}}'
      CONSOLE_HOSTNAME: '${{CONSOLE_HOSTNAME}}'
      CONSOLE_PORT: '${{CONSOLE_PORT}}'
      CONSOLE_USERNAME: '${{CONSOLE_USERNAME}}'
      CONSOLE_PASSWORD: '${{CONSOLE_PASSWORD}}'
      COMPLIANCE_THRESHOLD: '${{COMPLIANCE_THRESHOLD}}'
      VULNERABILITY_THRESHOLD: '${{VULNERABILITY_THRESHOLD}}'

  
github.com
Dustin Van Buskirk
Sep 18, 2019