Create Twistlock plugin procedures


Plugin procedures can be used in procedure steps, process steps, and pipeline tasks, allowing you to orchestrate third-party tools at the appropriate time in your component, application process, or pipeline.

Depending on your plugin configuration and how you run procedures, the Input parameters Configuration name field may behave differently in the CloudBees CD/RO UI. For more information, refer to Differences in plugin UI behavior.

CreateTwistlockPolicyReport

Provides details of policy rules that can be applied when a scan is performed. Vulnerabilities and compliance rule details are returned in the order they apply to the scan. For further information on policy rules, consult your Prisma Cloud Console.

Input parameters

Table 1. CreateTwistlockPolicyReport input parameters
Parameter Description

Configuration name

Required. The previously defined configuration for the plugin.

Image name

Required. Specify the exact name of the image you want the policy report created for. For example, ubuntu:latest.

You can also use a suffix pattern to create a policy report for more than one image. For example, ubuntu* creates a policy report for all images whose names begin with ubuntu.

Result property

Property to store results. By default, /myJob/TwistlockPolicyReport.

Result format

Select JSON or Property Sheet to save the results in that format, or Do not save the result to discard them.

If JSON or Property Sheet is selected, any retrieved issues are saved using this property.

Create summary link?

If selected, a report is generated and attached to the job/pipeline summary. This option is selected by default.

RunImageScan

Scans your image, using twistcli images scan, for vulnerabilities and compliance issues based on your policies. This scan returns the type, severity, and number of issues. For further information on policy rules, consult your Prisma Cloud Console.

Input parameters

Table 2. RunImageScan input parameters
Parameter Description

Configuration name

Required. The previously defined configuration for the plugin.

Image name

Required. Specify the exact name of the image you want to scan. For example, ubuntu:latest.

You can also use a suffix pattern to scan more than one image. For example, ubuntu* scans all images whose names begin with ubuntu.

(DEPRECATED) Only fail builds when a vendor fix is available

The Only fail builds when a vendor fix is available option is DEPRECATED. This value is now configured in the Prisma Cloud Console. Any value supplied for this field is ignored, and if one is provided, the job will include a warning status.

To avoid this, set this parameter value to an empty string, run a job, and it will be removed from future plugin jobs.

(DEPRECATED) Vulnerability threshold

The Vulnerability threshold parameter is DEPRECATED. This value is now configured in the Prisma Cloud Console. Any value supplied for this field is ignored, and if one is provided, the job will include a warning status.

To avoid this, set this parameter value to an empty string, run a job, and it will be removed from future plugin jobs.

(DEPRECATED) Compliance threshold

The Compliance threshold parameter is DEPRECATED. This value is now configured in the Prisma Cloud Console. Any value supplied for this field is ignored, and if one is provided, the job will include a warning status.

To avoid this, set this parameter value to an empty string, run a job, and it will be removed from future plugin jobs.

(DEPRECATED) Grace period in days

The Grace period (in days) parameter is DEPRECATED. This value is now configured in the Prisma Cloud Console. Any value supplied for this field is ignored, and if one is provided, the job will include a warning status.

To avoid this, set this parameter value to an empty string, run a job, and it will be removed from future plugin jobs.

Docker address

Required. Docker socket address. Examples:

  • unix:///var/run/docker.sock

  • http://hostname:port

Docker CA certificate

Full path to the Docker Certificate Authority (CA) certificate.

Required if you are using TLS for your security protocol. If using Unix socket, leave null.

Docker client certificate

Full path to the Docker client certificate in PEM format signed by the CA.

Required if you are using TLS for your security protocol. If using Unix socket, leave null.

Client key

Full path to the Docker client key in PEM format.

Required if you are using TLS for your security protocol. If using Unix socket, leave null.
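The Docker address and the three certificate fields above are interdependent: a Unix socket must leave the certificate fields null, while a TLS connection to a remote daemon needs all three as full paths. The following is an added example (not code from the Twistlock plugin or CloudBees CD/RO) that checks a RunImageScan step's Docker parameters against those rules before the step runs. The `path_exists` hook and the rule that a network address with no certificate fields is accepted as a plain, non-TLS connection are assumptions made for this example.

```python
"""Validate the Docker connection parameters of a RunImageScan step.

Added example; not part of the CloudBees CD/RO Twistlock plugin. It encodes
the rules stated for the Docker address, Docker CA certificate, Docker client
certificate and Client key fields:
  * unix://  socket: certificate fields must be empty
  * network address: if TLS is used, all three certificate files are required,
    must be full (absolute) paths and must exist on the agent
The `path_exists` parameter is an assumption that lets tests run without files.
"""
import os
from urllib.parse import urlparse

TLS_FIELDS = ("Docker CA certificate", "Docker client certificate", "Client key")
NETWORK_SCHEMES = ("http", "https", "tcp")


def _host_port_ok(parsed):
    """True when the address carries a hostname and a numeric port."""
    try:
        return bool(parsed.hostname) and parsed.port is not None
    except ValueError:  # non-numeric port such as "hostname:port" placeholder
        return False


def validate_docker_connection(address, ca_cert="", client_cert="", client_key="",
                               path_exists=os.path.isfile):
    """Return a list of problems; an empty list means the parameters are consistent."""
    if not address:
        return ["Docker address is required"]
    parsed = urlparse(address)
    certs = dict(zip(TLS_FIELDS, (ca_cert, client_cert, client_key)))
    problems = []

    if parsed.scheme == "unix":
        # Unix socket: the certificate fields are expected to be left null.
        for name, value in certs.items():
            if value:
                problems.append(f"{name} must be empty when using a Unix socket")
    elif parsed.scheme in NETWORK_SCHEMES:
        if not _host_port_ok(parsed):
            problems.append("network address must be scheme://hostname:port")
        # Assumption: supplying any certificate field means TLS is in use, and
        # then the whole triple (CA, client cert, client key) is required.
        if any(certs.values()):
            for name, value in certs.items():
                if not value:
                    problems.append(f"{name} is required for a TLS connection")
                elif not os.path.isabs(value):
                    problems.append(f"{name} must be a full path: {value!r}")
                elif not path_exists(value):
                    problems.append(f"{name} file not found: {value}")
    else:
        problems.append(f"unsupported Docker address scheme: {parsed.scheme!r}")
    return problems


if __name__ == "__main__":
    # Constructed sample parameter sets, not values from a real configuration.
    print(validate_docker_connection("unix:///var/run/docker.sock"))
    print(validate_docker_connection("https://docker.example:2376",
                                     "/certs/ca.pem", "/certs/cert.pem", "",
                                     path_exists=lambda p: True))
```

Run this as a pre-flight check in a step that precedes RunImageScan, or call it from a local script while building the plugin configuration; a non-empty list is the set of fields to correct.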

Output parameters

Table 3. RunImageScan output parameters
Parameter Description

twistlockImageScanReportUrl

Workspace-relative URL to the twistcli image scan text report.

twistlockImageScanResultJson

Workspace-relative URL to the twistcli image scan JSON result.

VulnerabilityCountLow

Vulnerability count of Low severity.

VulnerabilityCountMedium

Vulnerability count of Medium severity.

VulnerabilityCountHigh

Vulnerability count of High severity.

VulnerabilityCountCritical

Vulnerability count of Critical severity.

VulnerabilityCountTotal

Vulnerability total count.

ComplianceCountLow

Compliance count of Low severity.

ComplianceCountMedium

Compliance count of Medium severity.

ComplianceCountHigh

Compliance count of High severity.

ComplianceCountCritical

Compliance count of Critical severity.

ComplianceCountTotal

Compliance total count.
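Because the fail thresholds are now configured in the Prisma Cloud Console, a downstream step that consumes these output parameters should treat them as evidence to record and cross-check rather than recompute policy. The following is an added example (not code from the plugin) of such a consumer: it reads the ten count parameters as the string property values they arrive as, treats an empty or missing count as unknown rather than zero so a broken scan cannot look clean, verifies that the per-severity counts add up to the reported Total, and flags any finding in the severities named by `fail_on`. The `fail_on` default, the sample values and the fail-closed verdict are assumptions made for this example.

```python
"""Summarize RunImageScan output parameters in a downstream pipeline step.

Added example, not part of the CloudBees CD/RO Twistlock plugin. Output
parameters are property values, so every count arrives as a string and may be
empty when the scan did not produce it. Unknown counts and total mismatches are
reported as notes and fail the verdict (fail closed); `fail_on` is an assumed
list of severities that should block the pipeline.
"""
SEVERITIES = ("Low", "Medium", "High", "Critical")
CATEGORIES = ("Vulnerability", "Compliance")

# Constructed sample values in the shape of the output parameters above;
# not output from a real scan.
SAMPLE_OUTPUTS = {
    "VulnerabilityCountLow": "12", "VulnerabilityCountMedium": "4",
    "VulnerabilityCountHigh": "1", "VulnerabilityCountCritical": "0",
    "VulnerabilityCountTotal": "17",
    "ComplianceCountLow": "0", "ComplianceCountMedium": "2",
    "ComplianceCountHigh": "0", "ComplianceCountCritical": "1",
    "ComplianceCountTotal": "3",
}


def parse_count(value):
    """Convert a property value to int; None or '' means the count is unknown."""
    if value is None or str(value).strip() == "":
        return None
    return int(str(value).strip())


def summarize_scan(outputs, fail_on=("Critical",)):
    """Return {'findings', 'notes', 'blocking', 'verdict'} for one scan's outputs."""
    summary = {"findings": {}, "notes": [], "blocking": []}
    for category in CATEGORIES:
        counts = {sev: parse_count(outputs.get(f"{category}Count{sev}"))
                  for sev in SEVERITIES}
        total = parse_count(outputs.get(f"{category}CountTotal"))
        known = [c for c in counts.values() if c is not None]

        if len(known) < len(SEVERITIES) or total is None:
            # A missing count is not zero: the scan is inconclusive.
            summary["notes"].append(
                f"{category}: incomplete counts, treat scan as inconclusive")
        elif sum(known) != total:
            # The plugin reports both; disagreement means the report is untrustworthy.
            summary["notes"].append(
                f"{category}: severity counts sum to {sum(known)} but total is {total}")

        summary["findings"][category] = {**counts, "Total": total}
        for sev in fail_on:
            if counts.get(sev):
                summary["blocking"].append(f"{category}{sev}={counts[sev]}")

    summary["verdict"] = "fail" if summary["blocking"] or summary["notes"] else "pass"
    return summary


if __name__ == "__main__":
    result = summarize_scan(SAMPLE_OUTPUTS)
    print(result["verdict"], result["blocking"], result["notes"])
```

In a CloudBees CD/RO step the `outputs` dict would be filled from the RunImageScan step's output parameters; the `notes` list is what to surface in the job summary when the verdict is "fail" for a reason other than findings.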