Skip to content

Enable container scanning

Costel Maxim requested to merge cmaxim_container_scan into master

What does this MR do?

The purpose of this MR is to enable container scanning once built.

Why was this MR needed?

Trying to go through this list and setup triggers, a trigger token is needed.
More details can be found in Container Scanning of Production Containers, a requirement to scan images that are used in production.

What's the best way to test this MR?

A scanning job will be triggered in https://gitlab.com/gitlab-com/gl-security/appsec/container-scanners once a new image was built.

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion

Required

  • Merge Request Title, and Description are up to date, accurate, and descriptive
  • MR targeting the appropriate branch
  • MR has a green pipeline on GitLab.com

Expected (please provide an explanation if not completing)

  • Test plan indicating conditions for success has been posted and passes
  • Documentation created/updated
  • Integration tests added to GitLab QA
  • The impact any change in container size has should be evaluated
Edited by John Skarbek

Merge request reports