- Support for TLS 1.3 added for compatible bamboo versions.
- Minimum supported bamboo version bumped up to v 6.8.0
Version history
1.6.2.2Bamboo Server 6.8.0 - 8.0.132021-12-08Minor Bug Fixes and Improvements 1.6.2.1Bamboo Server 5.14.0.1 - 7.2.102021-07-02Bug Fixes and Improvements Bug Fixes and Improvements
1.6.2.0Bamboo Server 5.14.0.1 - 7.2.102021-06-09Fetch scan results filtered by 'lastScanned' , some bug fixes and improvements. 1. Fetched scan results are now filtered by 'lastScanned' of the image
2. Plugin will now verify if Qualys sensor is running or not and whether it is installed in 'CICD' mode.
3. In a scenario when multiple images are configured and build timeout is reached for few images without receiving any scan data, the plugin will generate scan results for the images for which it has received scan data before timeout.
4. Plugin is now using v1.3 of CS APIs
5. Miscellaneous Bug fixes
1.6.1.1Bamboo Server 5.14.0.1 - 7.0.62020-05-15Support latest Bamboo server version 7.X and some bug fixes and improvements. 1. We now support latest Bamboo server versions: v6.10.5 and v7.0.3.
2.We now support Qualys Gateway APIs for API requests.
3. You can now use regular expressions for defining search pattern in the “Fail with any of these Softwares” condition.
4. On the Scan Report page, in the report header, we added a new field “Scan Report” that will show a link that you can click to view the image summary on Qualys Portal.
5. The plugin API request for fetching the container images data will fail if it is unable to find a container image for tagging and respective images details in your account on Qualys Portal.
6. The CS Reports tab will be visible only if the step 'Scan Container Images with Qualys CS' is added and successful scan results are generated by the Qualys Container Scanning Connector for Bamboo.
1.6.0.2Bamboo Server 5.14.0.1 - 6.10.42020-04-02Rename Plugin and task - Plugin name changed to - 'Qualys Container Scanning Connector'
- Task name changed to - 'Scan container images with Qualys CS'
1.6.0.1Bamboo Server 5.14.0.1 - 6.10.42020-04-01Support for latest Bamboo Server versions You can now install the Docker image Vulnerability Analysis Plugin for Bamboo on 6.10.X Bamboo Server versions:- 6.10.4, 6.10.3, 6.10.2
1.6.0.0Bamboo Server 5.14.0.1 - 6.9.22019-07-23Evaluate Docker image for CVSS score 1. You can now provide CVSSv2 or CVSSv3 base scores as criteria to fail a docker image build. The build will be evaluated against the CVSS scores and will fail if vulnerabilities are found with CVSS scores greater than or equal to the specified score.
2. The test connection API used to check Bamboo Plugin connectivity to Qualys has been updated.
1.5.0.0Bamboo Server 5.14.0.1 - 6.8.32019-04-12Allows image name as input and some bug fixes 1. Scan Images By Name - Docker Image(s) name can be given as input to plugin now. Yet the older functionality of image Ids is still supported.
2. Major Enhancement : Continue polling API even when plugin gets HTTP 5xx from server
1.4.3.0Bamboo Server 5.14.0.1 - 6.7.32018-12-04Software filter for build failure conditions. Provides intuitive scan summary. 1.4.3.0:
- Common library integration
- Fail build based on software detected
- Tabular, more informative summary
1.4.2.0
- Exclude list
- Support for remote build agents.
- Tagging the image to let CI/CD Sensor know the scan target
1.4.2.0Bamboo Server 5.14.0.1 - 6.7.32018-11-07This release targets plugin to run on local as well as remote agents No release notes.1.4.0.0Bamboo Server 5.9.7 - 6.6.32018-11-07First release. Plugin task supports global and local configuration. No release notes.