Skip to content

Use new location for container-scanning analyzer

What does this MR do?

Use a new location for the analyzer image.

Related issue: https://gitlab.com/gitlab-org/gitlab/-/issues/330671

The change ignores documented variables CS_MAJOR_VERSION, SECURE_ANALYZERS_PREFIX, CS_PROJECT in favour of CS_ANALYZER_IMAGE. This is in preparation for making Trivy the default scanner (#331050 (closed)), which has a draft MR in place.

Documentation updates will be done in !61850 (merged) as part of renaming container_scanning_new to container_scanning. This needs to wait until we have a 14.0 branch so we don't accidentally release the breaking change in a patch version.

The updated version of this template was tested here and the job succeeds.

Screenshots (strongly suggested)

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

Does this MR contain changes to processing or storing of credentials or tokens, authorization and authentication methods or other items described in the security review guidelines? If not, then delete this Security section.

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team

Related to #330671

Edited by Thiago Figueiró

Merge request reports

Loading