Adds a Build Step for scanning Docker images, local or hosted on registries, for security vulnerabilities, using the API provided by Aqua Security.
- Added rootless podman support to scan images using podman.
- Added "Podman socket directory (applicable to non-root users)" in build job configurations, which accepts a runtime directory.
- Added "Hide base image vulnerabilities" flag for all scan types in build job configurations.
- Fix [SLK-69159] StringIndexOutOfBoundsException occurring inconsistently when scanning images. This happened because String.substring() was not handled properly; it is now handled.
- Fix JENKINS-71287: plugin is overriding reports when several builds/jobs are running in parallel.
- Update the Action Menu items added by the plugin to contain the scanned image name.
- For each assurance policy failure, show the name of the specific controls that failed.
- Made localToken an optional field which accepts a string value in pipeline syntax.
- Added support for Aqua scanner token authentication in the global and job level settings.
- Added custom container runtime scanning support with the following optional fields:
  - containerRuntime
  - scannerPath
- Reverted the container runtime support added in 3.1.0 for backward compatibility.
- Added custom container runtime scanning support.
  Note: Please add empty values ("") for the following parameters in pipeline:
  - containerRuntime
  - scannerPath
- Updates for CloudBees
- Fix issue with CSS for CloudBees
- Update CSS static file
- Fix issue with Stapler logging error
- Adding Docker archive support for scanning tar files.
- Fix issue where the scanner report has a random string
- Adding support for DTA scan results.
- Migrate to GitHub docs
- Remove scanner default image
- Jenkins global configuration improvements
- Update scanner default version to 4.2 and changing global settings checkbox text
- Adding encryption for the persisted form fields Url/User/Pass.
- Adding support for custom flags.
- Change default registry.
- Allow "Register" checkbox on local and hosted images.
- Bug fix: Fixing error when the job name has a space.
- Adding support for --policies: force use of provided image assurance policies (local scans only).
- Report build ID, build URL and build name from the running Jenkins job to the Aqua Console.
- Support HTML output without lowering Jenkins security in the script console.
- Change default version to 3.x
- Adding support for k8s Jenkins plugin.
- Adding support for --no-verify. (Do not verify TLS certificates)
- Adding multiple images artifact archive support.
- Bug fix: Fixing policy not saved on UI.
- Bug fix: Fixing password masking when runOptions is set.
- Adding support to register remote images.
- Bug fix: plugin archived the entire working directory.
- Support for Jenkins pipeline.
- Two new checkboxes in the step definition control whether base image vulnerabilities are hidden (for hosted images only) and whether negligible vulnerabilities are shown.
- Additional options for the "docker run" command running the scanner can be specified in the "Configure System" page.
- If the plugin has not been configured in the "Configure System" page, a message is displayed directing the user to do so.
- Multiple Aqua Scanner steps in a build are now supported, each resulting in its own output.
- A shell command to be run when the scanned image does not comply with Aqua policy can be specified.
- Bug fix: could not run steps from 1.3 without re-saving configuration.
- In the build page, there are now icons displaying the scan results.
- The artifacts are now archived automatically and there is no need for the "Archive the artifacts" post-build step.
- In the build step, you can decide whether the build fails or not, when the scanned image does not comply with Aqua policy.
- Aqua's scanner image can be set in the global configuration.
- Artifact is now an HTML report.
- First release.