Use CS_ANALYZER_IMAGE in CS template
What does this MR do?
This MR replaces the current image.name in the Container Scanner vendored template with an image.name that is override-able via setting a CS_ANALYZER_IMAGE variable.
The purpose of this MR is to allow downstream projects to override this CS_ANALYZER_IMAGE with a custom value. Currently, the Container Scanning QA job is defaulting to the major tag, which means that the actual behaviour of new merge requests is not tested, as shown in this QA job, which is running against klar v2.6.0 instead of the registry.gitlab.com/gitlab-org/security-products/analyzers/klar/tmp:dd0ee2e7732dda0141e78f9418e73430416971b5 image which was built in the upstream job.
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
Conformity
- Changelog entry
- Documentation (if required)
- Code review guidelines
- Merge request performance guidelines
- Style guides
- Database guides
- Separation of EE specific content
Availability and Testing
- Tested in Reference updated Container Scanning template
- Confirmed that the container scanning image built in this job was used in the downstream qa test
- Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
- Tested in all supported browsers
- Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Edited by Adam Cohen