Tasks for scanning container images and serverless functions in pipelines using twistcli
How to use
The extension assumes that the twistcli command is available in the PATH (e.g. usr/bin) and executable. You can use a separate task (e.g. Universal Package download) to download it into your Azure DevOps Pipeline.
# Example for Command Line Task after Universal Download
sudo mv $(System.DefaultWorkingDirectory)/twistcli /usr/bin/twistcli
sudo chmod +x /usr/bin/twistcli
We've made twistcli pluggable by design so there's no need to uninstall/reinstall the Twistlock extension from your organizations/projects/pipelines for each new Twistlock version upgrade, simply upload the updated twistcli binary to your feed and select that version to be used in your pipeline.
NOTE
The twistcli version needs to match the Twistlock Console version.
Available tasks
Azure DevOps
- Twistlock twistcli scan which scans a Docker container image or serverless function bundle zip file, displays the results locally, and sends them to the Twistlock Console.
/usr/bin/twistcli --http-proxy https://proxy:8080 images scan --address https://twistlock-console.example.com/ --user *** --password *** --details busybox
Get the source
source
This project cloned base on twistlock-sample-code for this extension is on GitHub.
Contribute
This extension was created by Mario Weigel and is now stewarded by Twistlock and the Twistlock user community.
Feedback and issues
If you have feedback or issues, please file an issue on GitHub or issue
