Skip to content

Use CS_ANALYZER_IMAGE in CS template

Adam Cohen requested to merge reference-cs-image-in-template into master

What does this MR do?

This MR replaces the current image.name in the Container Scanner vendored template with an image.name that is override-able via setting a CS_ANALYZER_IMAGE variable.

The purpose of this MR is to allow downstream projects to override this CS_ANALYZER_IMAGE with a custom value. Currently, the Container Scanning QA job is defaulting to the major tag, which means that the actual behaviour of new merge requests are not tested, as shows in this qa job which is running against klar v2.6.0 instead of the registry.gitlab.com/gitlab-org/security-products/analyzers/klar/tmp:dd0ee2e7732dda0141e78f9418e73430416971b5 image which was built in the upstream job

What are the relevant issue numbers?

#284592 (closed)

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing


Edited by Adam Cohen

Merge request reports

Loading