Add a Continuous Vulnerability Scanning Scenario (!1361) · Merge requests · GitLab.org / GitLab QA

Will Meek requested to merge willmeek/gitlab-qa:cvs_scenario into master Sep 03, 2024

What does this MR do and why?

Adds a scenario for Continuous Vulnerability Scanning as per gitlab#462876

How to set up and validate locally

Use the GitLab spec MR from gitlab!163783 (merged) , checkout that branch secure_cvs_spec

If using ARM machine pre-pull images (you can skip on x86):

docker pull --platform linux/x86_64 -q gitlab/gitlab-ee:nightly
docker pull --platform linux/x86_64 -q gitlab/gitlab-ee-qa:nightly

Run (you can remove QA_SKIP_PULL if you skipped step 1)

gitlab-qa % GITLAB_LICENSE_MODE=test CHROME_DISABLE_DEV_SHM=true QA_SKIP_PULL=TRUE ./exe/gitlab-qa Test::Integration::ContinuousVulnerabilityScanning EE

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Commits include Changelog: trailer
I have evaluated the MR acceptance checklist for this MR.

Edited Sep 20, 2024 by Will Meek

Add a Continuous Vulnerability Scanning Scenario

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports