Enter Configuration Details

To use the plugin, provide the following configuration details:

Configuration Details

  1. API login information (Select Use Proxy to provide proxy information).

    Due to Azure DevOps limitations, the password string is visible in the UI. To avoid disclosing the password, use a pipeline variable.

  2. Enter the container image ID or image name that you want to scan.
    Internally, the image ID or image name is replaced with the sha value of the image.

  3. Enter the Data collection frequency.

  4. Select the checkboxes if you want to set Build failure conditions.

  5. Specify the Docker daemon URL in the Advance Settings section so that the plugin can connect to the Docker daemon and tag the images specified in the input.

  6. Specify the variable in the Output Variable section. The output variable contains the result of evaluating the image vulnerability data against the build failure conditions.
    This setting is optional. The CS extension does not control the formatting of the JSON file, so use any JSON-specific utility to get output in proper JSON format.
    For example, with a NodeJS script runner, you can add the line 'console.log(JSON.stringify($(qcs.imageScanSummary)))' to the code, with the Output Variable from the Qualys task as input, to print the file in proper JSON format. ('qcs.imageScanSummary' is the output variable created in the Qualys task, with 'qcs' provided by the user as the reference name.)
    When you are ready, click Save Configuration.
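
The formatting step described in item 6 can also be done without pasting the variable into the script source. The following is an added example, not code from the plugin or its vendor; it assumes the output variable reaches the script as an environment variable (the name QCS_IMAGESCANSUMMARY is an assumption), and the sample inputs are constructed because the summary's fields are not shown on this page.

```javascript
// Added example: normalise the scan summary before printing or archiving it.
// Treating the value as data (a string to parse) rather than expanding it
// into script source means its content is never interpreted as code.
function normalizeSummary(raw) {
  // Already an object: the macro was expanded inline as a JS literal.
  if (raw !== null && typeof raw === 'object') {
    return { ok: true, json: JSON.stringify(raw, null, 2) };
  }
  if (typeof raw !== 'string' || raw.trim() === '') {
    return { ok: false, error: 'output variable is empty' };
  }
  // Azure DevOps leaves an undefined macro as the literal text $(name).
  if (/^\$\([^)]+\)$/.test(raw.trim())) {
    return { ok: false, error: 'output variable was not expanded: ' + raw.trim() };
  }
  let value = raw;
  // Unwrap at most two layers, to cover a JSON document stored as a JSON string.
  for (let i = 0; i < 2 && typeof value === 'string'; i++) {
    try {
      value = JSON.parse(value);
    } catch (err) {
      return { ok: false, error: 'not valid JSON: ' + err.message };
    }
  }
  if (value === null || typeof value !== 'object') {
    return { ok: false, error: 'expected a JSON object or array' };
  }
  return { ok: true, json: JSON.stringify(value, null, 2) };
}

// Constructed inputs; in a pipeline, pass the environment variable instead,
// e.g. process.env.QCS_IMAGESCANSUMMARY (assumed name).
for (const sample of ['{"constructed":true}', '$(qcs.imageScanSummary)']) {
  const result = normalizeSummary(sample);
  console.log(result.ok ? result.json : 'rejected: ' + result.error);
}
```

Failing the step when the result is not ok keeps an empty or unexpanded variable from being mistaken for a clean scan.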