AnsweredAssumed Answered

Integrating Qualys Container security plugin with Jenkins

Question asked by Jayanarayan MC on Jun 19, 2019
Latest reply on Jul 16, 2019 by Jayanarayan MC

We have configured the jenkins plugin as described in qualys container security pdf document. But we are unable to pass the docker image id as environment variable. Qualys plugin reports error if we pass docker image as environment variable. If we pass the actual image id it works. So this becomes difficult to scan the image currently built which is set as env variable.

 

Eg.

 

 

Error from qualys is as follows

Using docker daemon URL : unix:///var/run/docker.sock Failed to extract image Id associated with '${IMAGE_ID}' ; Reason : {"message":"no such image: ${IMAGE_ID}: invalid reference format: repository name must be lowercase"} hudson.AbortException: Failed to extract image Id associated with '${IMAGE_ID}'.

If a actual docker image is passed, the plugin fetches the report

 

Let us know how we can get the report for the docker image by providing image id value through env variable

Outcomes