Problem

In some plugins, such as Bamboo and Jenkins, there is an option to add additional Docker runtime parameters. Azure DevOps does not currently offer a direct field for this because of how Aqua interacts with the pipeline. In the meantime, the solution below will suffice as a workaround.


Solution


The plugin is a wrapper for the scanner as a whole, and through the plugin's configuration you can modify certain flags and arguments. One of those arguments is the name of the image that you would like to use for the scanner, which lets you specify the version of the container per build pipeline. You can add additional Docker runtime parameters in this field, before the image name, and they will be applied to the docker run command.



This resulted in the run command below:


docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v /tmp:/tmp -e https_proxy=https://myregistryproxy:8443 registry.aquasec.com/scanner:4.0 scan --user *** --password *** --host http://Aqua-console:8080/ --registry Docker Hub ***/testcase:83 --jsonfile /tmp/out.json --htmlfile /tmp/out.html > /dev/null
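
Because the image name field is passed through to docker run, every token typed before the image becomes a Docker runtime option. The script below is an added example, not part of the original article or of Aqua's plugin, that checks such a field value before it is saved in a pipeline. The function name check_image_field, the allow-list of -e/--env only, and the whitespace splitting of the field are assumptions.

```shell
#!/bin/sh
# Added example, not Aqua's code. Layout assumed from the article: Docker
# runtime options first, scanner image reference as the last token.

# check_image_field FIELD REGISTRY
# Prints the image reference and returns 0 when every token before it is an
# -e/--env option with a NAME=value argument and the image comes from
# REGISTRY. Anything else returns 1 (values containing spaces fail closed).
check_image_field() {
    field=$1
    registry=$2
    set -f            # no filename globbing while splitting the field
    set -- $field     # whitespace split (assumed to match the plugin)
    set +f
    [ "$#" -ge 1 ] || { echo "empty field" >&2; return 1; }
    while [ "$#" -gt 1 ]; do
        case $1 in
            -e|--env)
                case ${2:-} in
                    [A-Za-z_]*=*) shift 2 ;;
                    *) echo "bad env assignment: ${2:-}" >&2; return 1 ;;
                esac ;;
            --env=[A-Za-z_]*=*) shift ;;
            *) echo "option not allowed: $1" >&2; return 1 ;;
        esac
    done
    [ "$#" -eq 1 ] || { echo "image reference missing" >&2; return 1; }
    case $1 in
        "$registry"/*) printf '%s\n' "$1" ;;
        *) echo "image not from $registry: $1" >&2; return 1 ;;
    esac
}

# Constructed sample: the field value behind the run command shown above.
check_image_field \
    "-e https_proxy=https://myregistryproxy:8443 registry.aquasec.com/scanner:4.0" \
    registry.aquasec.com
```

Extend the allow-list in the case statement only for options your pipelines actually need, since each one changes how the scanner container runs on the build agent.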