Pipeline Project
With pipeline projects, you provide the container image ID(s) to the plugin via a command argument. Perform the following steps:
- Use the Snippet Generator to generate this command, and then copy and paste it into your pipeline script (Jenkinsfile).
- Use a specific tag to build a container image you wish to scan for vulnerabilities.
- Use that tag to get the ID of the container image and then store that image ID in an environment variable.
- Provide that environment variable to the Qualys Jenkins Plugin as input.
Sample Pipeline script
```groovy
// These stages belong inside the stages { } block of a declarative pipeline.
stage("Build container image") {
    // Build the image with a specific tag (qualys:sample in this case)
    steps {
        dir("dockerbuild") {
            sh "docker build -t qualys:sample . > docker_output"
        }
    }
}
stage("Get Image id") {
    // Use the same tag (qualys:sample in this case) combination with the grep command
    // to get the same image id and save the image id in an environment variable
    steps {
        script {
            // \$3 escapes the dollar sign so Groovy passes a literal $3 to awk
            def IMAGE_ID = sh(script: "docker images | grep -E '^qualys.*sample' | head -1 | awk '{print \$3}'", returnStdout: true).trim()
            env.IMAGE_ID = IMAGE_ID
        }
    }
}
stage("Get Image Vulns - Qualys Plugin") {
    // Provide the environment variable (env.IMAGE_ID) as input to the Qualys plugin's step
    steps {
        getImageVulnsFromQualys useGlobalConfig: true, imageIds: env.IMAGE_ID
    }
}
```
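The grep pattern in the sample matches any line that starts with qualys and contains sample anywhere after it, so the scan can run against a different image than the one just built; the shell sketch below compares that lookup with an exact repository and tag match that fails closed. It is an added example, not part of the Qualys documentation: the docker images listing is constructed sample data and all function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `docker images` output (not taken from a real host).
sample_docker_images() {
cat <<'EOF'
REPOSITORY        TAG          IMAGE ID       CREATED          SIZE
qualys-tools      sample-old   1a2b3c4d5e6f   2 minutes ago    210MB
qualys            sample       9f8e7d6c5b4a   5 minutes ago    180MB
qualys            latest       0123456789ab   2 days ago       175MB
EOF
}

# The lookup used in the sample pipeline: first line that starts with
# "qualys" and contains "sample" somewhere later on the line.
loose_image_id() {
    grep -E '^qualys.*sample' | head -1 | awk '{print $3}'
}

# Exact lookup (hypothetical helper): repository and tag columns must both
# equal the requested values.
exact_image_id() {
    awk -v repo="$1" -v tag="$2" '$1 == repo && $2 == tag { print $3; exit }'
}

# Accept only a short (12 hex) or full (64 hex, optional sha256: prefix) ID.
is_image_id() {
    printf '%s\n' "$1" | grep -Eq '^(sha256:)?([0-9a-f]{12}|[0-9a-f]{64})$'
}

# Resolve the ID from a `docker images` listing on stdin and fail closed, so
# the scan stage never receives an empty or malformed value.
resolve_image_id() {
    id=$(exact_image_id "$1" "$2")
    if ! is_image_id "$id"; then
        echo "no valid image ID found for $1:$2" >&2
        return 1
    fi
    printf '%s\n' "$id"
}

# Demonstration on the constructed listing.
echo "loose lookup: $(sample_docker_images | loose_image_id)"
echo "exact lookup: $(sample_docker_images | resolve_image_id qualys sample)"
```

On a build agent the listing would come from `docker images | resolve_image_id qualys sample`, and a non-zero exit should fail the stage before the scan step runs.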