You can set the configuration parameters as secrets and variables. Secrets are used to manage the sensitive configuration data and variables are used for non-sensitive configuration data.
To configure the environment parameters for a repository:
1. Switch to the Variables tab.
2. Click New repository variable.
3. On the New repository variable pane, enter the required details for a variable and click Add.
The following table lists the environment parameters:

| Parameter Name | Description | Mandatory/Optional | Parameter Type |
|---|---|---|---|
| QUALYS_PASSWORD | Use the Qualys password. | Mandatory | Secret |
| API_SERVER | Use the API URL. To get the list of API Server URLs, refer to Platform Identification. | Mandatory | Variable |
| QUALYS_USERNAME | Use the Qualys username. | Mandatory | Variable |
| WEBAPP_ID | Use the web application ID that you want to scan. | Mandatory | Variable |
| SCAN_NAME | Enter a name for the scan. The timestamp gets appended automatically. | Mandatory | Variable |
| SCAN_TYPE | Specify the scan type - VULNERABILITY or DISCOVERY. | Mandatory | Variable |
| AUTH_RECORD | Use one of the following values: | Optional | Variable |
| AUTH_RECORD_ID | Use the specific AUTH_RECORD_ID. | Optional | Variable |
| OPTION_PROFILE | The option profile contains the various scan settings such as the vulnerability types that should be tested (detection scope), scan intensity, error thresholds, and so on. | Optional | Variable |
| OPTION_PROFILE_ID | Use the option profile ID of your choice. | Optional | Variable |
| CANCEL_OPTION | Use one of the following: | Optional | Variable |
| CANCEL_HOURS | Use the numeric value to specify scan duration in hours. | Optional | Variable |
| SEVERITY_CHECK | Use one of the following values: | Optional | Variable |
| SEVERITY_LEVEL | Specify the severity level of the vulnerability. You can use any value between 1 and 5. In Qualys, a severity level of 1 is considered the least harmful, and a severity level of 5 is considered the most harmful. | Optional | Variable |
| FAIL_ON_SCAN_ERROR | Use true or false as the parameter value. | Optional | Variable |
| WAIT_FOR_RESULT | Use one of the following values: | Optional | Variable |
| INTERVAL | Use the numeric value to set the polling interval in minutes to collect the scan data. For example, 5. | Optional | Variable |
| TIMEOUT | Use the numeric value to set the timeout duration in minutes to check the scan results. For example, 60. The default value of TIMEOUT is 350 minutes. | Optional | Variable |
| EXCLUDE | Use the QIDs, separated by commas, to exclude them from the scan. For example, 1234, 1345. This excludes the two QIDs for vulnerability severity level failure conditions. | Optional | Variable |

All the parameter values given in the above table are case-sensitive.
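
A pre-flight check that a workflow step could run before the scan starts, given here as an added example that is not part of the Qualys integration. It enforces only the rules the table states; the function name, the sample values, the whole-number reading of "numeric" and the HTTPS requirement on API_SERVER are assumptions.

```python
import re

MANDATORY = ("QUALYS_USERNAME", "QUALYS_PASSWORD", "API_SERVER",
             "WEBAPP_ID", "SCAN_NAME", "SCAN_TYPE")
NUMERIC = ("CANCEL_HOURS", "INTERVAL", "TIMEOUT")
# AUTH_RECORD, CANCEL_OPTION, SEVERITY_CHECK and WAIT_FOR_RESULT are not
# checked: their allowed values are not listed on the page.


def validate_scan_config(env):
    """Return a list of problems found in a dict of parameter name -> value."""
    problems = []
    for name in MANDATORY:
        if not env.get(name, "").strip():
            problems.append(f"{name}: mandatory parameter is missing or empty")
    # Values are case-sensitive, so compare exactly and never normalise case.
    scan_type = env.get("SCAN_TYPE")
    if scan_type and scan_type not in ("VULNERABILITY", "DISCOVERY"):
        problems.append("SCAN_TYPE: must be VULNERABILITY or DISCOVERY")
    fail_flag = env.get("FAIL_ON_SCAN_ERROR")
    if fail_flag and fail_flag not in ("true", "false"):
        problems.append("FAIL_ON_SCAN_ERROR: must be true or false")
    for name in NUMERIC:  # assumption: "numeric" means a whole number
        value = env.get(name)
        if value and not re.fullmatch(r"[0-9]+", value):
            problems.append(f"{name}: must be a numeric value")
    level = env.get("SEVERITY_LEVEL")
    if level and not re.fullmatch(r"[1-5]", level):
        problems.append("SEVERITY_LEVEL: must be between 1 and 5")
    exclude = env.get("EXCLUDE")
    if exclude and not all(re.fullmatch(r"[0-9]+", q.strip())
                           for q in exclude.split(",")):
        problems.append("EXCLUDE: must be comma-separated numeric QIDs")
    # Assumption (not stated on the page): the API URL should use HTTPS,
    # because the username and password are sent to it.
    api = env.get("API_SERVER", "")
    if api.strip() and not api.startswith("https://"):
        problems.append("API_SERVER: expected an https:// URL")
    return problems


# Constructed sample values, not taken from a real subscription.
SAMPLE = {
    "QUALYS_USERNAME": "example_user", "QUALYS_PASSWORD": "example-placeholder",
    "API_SERVER": "https://api.example.invalid", "WEBAPP_ID": "123456",
    "SCAN_NAME": "nightly-was-scan", "SCAN_TYPE": "vulnerability",
    "SEVERITY_LEVEL": "7", "FAIL_ON_SCAN_ERROR": "True", "EXCLUDE": "1234, 1345",
}

if __name__ == "__main__":
    found = validate_scan_config(SAMPLE)  # in a workflow step, pass dict(os.environ)
    print("\n".join(found))
    raise SystemExit(1 if found else 0)
```

The sample deliberately contains three mistakes (lower-case SCAN_TYPE, capitalised FAIL_ON_SCAN_ERROR, out-of-range SEVERITY_LEVEL), so running it prints three problems and exits non-zero.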