Description

Twistlock provides container security. It is a rule-based access control policy system for Docker and Kubernetes containers.

Quick Info

Product: HCL Accelerate
Type: plugin
Compatibility: HCL Accelerate version 2.0 or later
Created by: HCL Software
Website
Version   Name
1.0.39    ucv-ext-twistlock:1.0.39.tar
1.0.43    ucv-ext-twistlock:1.0.43.tar

Summary

The Twistlock plugin provides integration with a Twistlock server. Data is uploaded to the HCL Accelerate server using an HTTP POST request.

History

The following table describes the changes made in each plugin version.

Plugin history details
Version Description
1.0.39 Bug fix

Usage

To use the Twistlock plugin, the plugin must be loaded and an instance created. Load the plugin into the HCL Accelerate container if necessary. From the user interface, click Settings > Integrations > Plugins. On the Plugins page, locate the plugin and click Load Plugin. To create an instance, locate the plugin and click Install. The installed plugin is then listed below the plugins that are still to be installed, and it is available to invoke.

Integration type

The Twistlock plugin is a parser type plugin. It parses data from Twistlock JSON files.

Invoking the plugin

To gather data from the Twistlock server, send an HTTP POST request with the data to parse. Whenever the endpoint receives a request, the data is parsed and displayed as metrics in HCL Accelerate. You can use various methods such as Postman, REST calls, curl, and CI/CD tools like Jenkins to invoke the plugin endpoints.

Invoke using the Jenkins plugin

Install the UrbanCode Velocity plugin into your Jenkins server. In your freestyle job or pipeline, use the UCV-Upload Metrics File to UrbanCode Velocity step and provide the required fields. This step allows your build job to upload generated coverage results files to HCL Accelerate.


pipeline {
   agent any
   stages {
      stage('twistlockMetrics') {
         steps {
            step([$class: 'UploadMetricsFile',  appName: 'My Twistlock Test', dataFormat: 'twistlockJSON', filePath: '<location of the twistlock report>', name: 'my-twistlock-test', pluginType: 'twistlock', tenantId: '<tenant Id>', testSetName: 'twistlock', metricsRecordUrl: "${env.BUILD_URL}"])
         }
      }
   }
}

Invoke using a REST call

When using a REST call to invoke the Twistlock plugin, it must be a POST method and include the location of the HCL Accelerate quality data endpoint.

The following request sample shows a REST call that you can copy and update as necessary. Key points about the snippet:

  • The URL points to the HCL Accelerate quality data endpoint. Update with the server location for your installation of HCL Accelerate.
  • The BODY of the call is multipart/form-data. It includes information about the payload.

METHOD: POST
URL: https://<url_accelerate_server>/reporting-consumer/metrics
BODY (multipart/form-data):
  {
    payload: <json_object_string>  // See below for schema format
    testArtifact: <twistlock_json_file>
  }

Invoke using curl


curl --request POST \
  --url 'https://<url_accelerate_server>/reporting-consumer/metrics' \
  --form 'payload={
    "tenant_id": "5ade13625558f2c6688d15ce",
    "application": {
      "name": "My Application"
    },
    "record": {
      "pluginType": "twistlock",
      "dataFormat": "twistlockJSON"
    }
  }' \
  --form testArtifact=@test-result/twistlock.json

Payload schema

The following shows the schema for the payload. Replace the angle brackets with your values for the parameters.


{
  "tenant_id": "<tenant_id>",    // required: tenant ID
  "metricName": "<metric_name>", // optional: name for recurring test set
  "application": {
    "name": "<application_name>" // name of the application
  },
  "record": {
    "recordName": "<record_name>", // optional: name for this record
    "executionDate": 1547983466015, // optional: UNIX Epoch
    "pluginType": "twistlock",
    "dataFormat": "twistlockJSON",
    "metricsRecordUrl": "<Jenkins_build_url>" // optional: to link the Jenkins build with test results
  },
  "build": {  // optional: one of the following fields must be included
    "buildId": "<build_id>",
    "jobExternalId": "<external_job_id>",
    "url": "<build_url>"
  },
  "commitId": "<commit_id>",  // optional
  "pullRequestId": "<pullrequest_id>", // optional
  "environment": "<environment_name>" // optional
}
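
The following Python sketch is an added example, not code from the HCL plugin or its documentation. It builds the payload from the schema above as strict JSON (the // comments in the schema are annotations and are not valid JSON), enforces the rule for the build block, and encodes the payload and testArtifact form parts. The function names and the sample report bytes are constructed for illustration; the report is a placeholder, not a real Twistlock scan.

```python
import json
import uuid

BUILD_KEYS = ("buildId", "jobExternalId", "url")

def _set(fields):
    """Drop optional keys that were not supplied."""
    return {k: v for k, v in fields.items() if v is not None}

def build_payload(tenant_id, app_name, *, metric_name=None, record_name=None,
                  execution_date=None, metrics_record_url=None, build=None,
                  commit_id=None, pull_request_id=None, environment=None):
    """Return the payload as a dict that follows the schema on this page."""
    if not tenant_id or not app_name:
        raise ValueError("tenant_id and application name are required")
    payload = {"tenant_id": tenant_id, "application": {"name": app_name}}
    payload["record"] = {"pluginType": "twistlock", "dataFormat": "twistlockJSON",
                         **_set({"recordName": record_name,
                                 "executionDate": execution_date,
                                 "metricsRecordUrl": metrics_record_url})}
    if build is not None:
        # The build block is optional, but when present it needs one known field.
        if set(build) - set(BUILD_KEYS) or not any(build.values()):
            raise ValueError("build needs at least one of: " + ", ".join(BUILD_KEYS))
        payload["build"] = {k: v for k, v in build.items() if v}
    payload.update(_set({"metricName": metric_name, "commitId": commit_id,
                         "pullRequestId": pull_request_id,
                         "environment": environment}))
    return payload

def encode_multipart(payload, report_bytes, filename="twistlock.json"):
    """Return (content_type, body) with the payload and testArtifact parts."""
    json.loads(report_bytes)  # fail early if the report is not valid JSON
    boundary = uuid.uuid4().hex
    delim = b"--" + boundary.encode()
    parts = [
        b'Content-Disposition: form-data; name="payload"\r\n\r\n'
        + json.dumps(payload).encode(),
        b'Content-Disposition: form-data; name="testArtifact"; filename="'
        + filename.encode() + b'"\r\nContent-Type: application/json\r\n\r\n'
        + report_bytes,
    ]
    body = b"".join(delim + b"\r\n" + p + b"\r\n" for p in parts) + delim + b"--\r\n"
    return "multipart/form-data; boundary=" + boundary, body

if __name__ == "__main__":
    report = b'{"results": []}'  # constructed placeholder, not a real Twistlock report
    ctype, body = encode_multipart(build_payload("<tenant_id>", "My Application"), report)
    print(ctype, len(body))
```

Send the returned body in a POST to the reporting-consumer/metrics endpoint with the returned value as the Content-Type header.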