Scan CI/CD Images

Configure the Qualys Container Scanning Connector automatically to tag CI/CD images with 'qualys_scan_target:<image-id>'.

Docker URL: Docker REST API URL / Docker socket path. Only unix:/// and tcp:// protocols allowed.

Cert File Path: If you are using remote server enabled https, you can provide a specific folder location which contains the files ca.pem, cert.pem and key.pem. For example, /var/home/certs.

bamboo_cicd

Docker URLs

The following table shows the (unix socket or TCP) to be used in Various Docker Deployment Scenarios:

Deployment scenario	Sensor location	Docker URL to be used
Job executed by Azure DevOps agent AND Docker host == Azure DevOps agent	Azure DevOps agent	UNIX unix:///var/run/docker.sock
Job executed by Azure DevOps agent AND Docker Host == Remote docker host (any machine other than Azure DevOps agent)	Remote docker host	TCP path of the Remote Docker host: tcp://<ip_of_RDH>:<port> For example, tcp://10.115.67.61:2375

Deployment scenario

Sensor location

Docker URL to be used

Job executed by Azure DevOps agent AND

Docker host == Azure DevOps agent

Azure DevOps agent

UNIX

unix:///var/run/docker.sock

Job executed by Azure DevOps agent

AND

Docker Host == Remote docker host

(any machine other than Azure DevOps agent)

Remote docker host

TCP path of the Remote Docker host:

tcp://<ip_of_RDH>:<port>

For example,

tcp://10.115.67.61:2375

Next Step

Use the Plugin