Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Note: Twistlock (Prismacloud) is a licensed tool and please open an support Jira request as it requires work from our end to add your license to enable the integration.

Registering Twistlock to Tool Registry

  1. Login tohttps://portal.opsera.io -> Tool Registry -> Click “Select +New Tool” ButtonTool.

  2. Enter a name unique Tool Name and select “Twistlock” as Tool Identifier.

  3. Click “Create” button for the tool to be registered.

  4. Navigate to the tool and navigate to Connections tab. Enter connection details - URL, ID and password and select Save.

    Image Added

  5. “Test Connection” to ensure tool connection succeeds and that credentials are valid

    Image Added

  6. Twislock configuration is complete.

  7. Navigate to Pipelines.

  8. Navigate to a pipeline to add Twistlock step as part of container scan.

    Image Added

  9. Click Edit workflow and add new stage to pipeline by clicking + icon in the workflow

    Image Added

    Image Added


  10. Click Save and Exit.

  11. Click Settings (gear icon⚙️) in the pipeline to navigate to Step Configuration. Make the following selections:

    1. Jenkins Tool Selection - Choose Jenkins tool.

    2. Twistlock Tool - Choose Twistlock tool

    3. Docker Build Step - Choose Docker Build tool.

    4. Compliance Threshold - Select a compliance threshold level from the following options: Critical, High, Medium, Low, or Total. Enter a count.

    5. Vulnerability Threshold - Select a vulnerability threshold level from the following options: Critical, High, Medium, Low, or Total. Enter a count

  12. Save Step Configuration and select Start pipeline.

    Image Added

...

13. Navigate to Summary tab to view the Console Output in step run.

14. Click the Console Log to view the step output from Twistlock tool.

...

15. Close the Console Log and navigate to pipeline view to validate other stages in the pipeline.

Note: KPI’s for twistlock is in progress and this page will be updated as and when the KPI’s are updated.

Note: Please follow below links to set up vulnerability rules, Severity based rules, Scope, rule exceptions, etc.

Vulnerability Management: https://docs.twistlock.com/docs/compute_edition_21_04/vulnerability_management/vuln_management_rules.html

Severity Based Rules: https://docs.twistlock.com/docs/compute_edition_21_04/vulnerability_management/vuln_management_rules.html#severity-based-actions

Rule Exceptions: https://docs.twistlock.com/docs/compute_edition_21_04/vulnerability_management/vuln_management_rules.html#rule-exceptions