- Support for TLS 1.3 added for compatible bamboo versions.
- Minimum supported bamboo version bumped up to v 6.8.0
- Version 188.8.131.52 • Released 2021-07-15 • Supported By Qualys, Inc • Free • Commercial
- Version 184.108.40.206 • Released 2021-07-02 • Supported By Qualys, Inc • Free • Commercial
Bug Fixes and Improvements
- Version 220.127.116.11 • Released 2021-06-09 • Supported By Qualys, Inc • Free • Commercial
1. Fetched scan results are now filtered by 'lastScanned' of the image
2. Plugin will now verify if Qualys sensor is running or not and whether it is installed in 'CICD' mode.
3. In a scenario when multiple images are configured and build timeout is reached for few images without receiving any scan data, the plugin will generate scan results for the images for which it has received scan data before timeout.
4. Plugin is now using v1.3 of CS APIs
5. Miscellaneous Bug fixes
- Version 18.104.22.168 • Released 2020-05-15 • Supported By Qualys, Inc • Free • Commercial
1. We now support latest Bamboo server versions: v6.10.5 and v7.0.3.
2.We now support Qualys Gateway APIs for API requests.
3. You can now use regular expressions for defining search pattern in the “Fail with any of these Softwares” condition.
4. On the Scan Report page, in the report header, we added a new field “Scan Report” that will show a link that you can click to view the image summary on Qualys Portal.
5. The plugin API request for fetching the container images data will fail if it is unable to find a container image for tagging and respective images details in your account on Qualys Portal.
6. The CS Reports tab will be visible only if the step 'Scan Container Images with Qualys CS' is added and successful scan results are generated by the Qualys Container Scanning Connector for Bamboo.
- Version 22.214.171.124 • Released 2020-04-02 • Supported By Qualys, Inc • Free • Commercial
- Plugin name changed to - 'Qualys Container Scanning Connector'
- Task name changed to - 'Scan container images with Qualys CS'
- Version 126.96.36.199 • Released 2020-04-01 • Supported By Qualys, Inc • Free • Commercial
You can now install the Docker image Vulnerability Analysis Plugin for Bamboo on 6.10.X Bamboo Server versions:- 6.10.4, 6.10.3, 6.10.2
- Version 188.8.131.52 • Released 2019-07-23 • Supported By Qualys, Inc • Free • Commercial
1. You can now provide CVSSv2 or CVSSv3 base scores as criteria to fail a docker image build. The build will be evaluated against the CVSS scores and will fail if vulnerabilities are found with CVSS scores greater than or equal to the specified score.
2. The test connection API used to check Bamboo Plugin connectivity to Qualys has been updated.
- Version 184.108.40.206 • Released 2019-04-12 • Supported By Qualys, Inc • Free • Commercial
1. Scan Images By Name - Docker Image(s) name can be given as input to plugin now. Yet the older functionality of image Ids is still supported.
2. Major Enhancement : Continue polling API even when plugin gets HTTP 5xx from server
- Version 220.127.116.11 • Released 2018-12-04 • Supported By Qualys, Inc • Free • Commercial
- Common library integration
- Fail build based on software detected
- Tabular, more informative summary
- Exclude list
- Support for remote build agents.
- Tagging the image to let CI/CD Sensor know the scan target
- Version 18.104.22.168 • Released 2018-11-07 • Supported By Qualys, Inc • Free • CommercialNo release notes.
- Version 22.214.171.124 • Released 2018-11-07 • Supported By Qualys, Inc • Free • CommercialNo release notes.