Draft: Split into CE/EE image versions
Why is this change being made?
We need to build CE/EE flavours of the image so that we can ship differing Trivy databases within them.
This MR:
- introduces the
:5-ee
and:5-fips-ee
tags (as 5 is the current major version) - exposes
$EE=true
within the container and within thescript/setup.sh
build script
The $EE
environment variable gets used to switch on the license type: !2720 (905d5d49)
How to test and validate
-
:5
:docker run --rm registry.gitlab.com/gitlab-org/security-products/analyzers/container-scanning/tmp/trivy:b88b07e575153b6d9cba6ec939486b39d1bb588b sh -c 'echo $EE'
-
:5-ee
:docker run --rm registry.gitlab.com/gitlab-org/security-products/analyzers/container-scanning/tmp/trivy:b88b07e575153b6d9cba6ec939486b39d1bb588b-ee sh -c 'echo $EE' true
-
:5-fips
:docker run --rm registry.gitlab.com/gitlab-org/security-products/analyzers/container-scanning/tmp/trivy:b88b07e575153b6d9cba6ec939486b39d1bb588b-fips sh -c 'echo $EE'
-
:5-fips-ee
:docker run --rm registry.gitlab.com/gitlab-org/security-products/analyzers/container-scanning/tmp/trivy:b88b07e575153b6d9cba6ec939486b39d1bb588b-fips-ee sh -c 'echo $EE' true
Same goes for Grype, e.g.:
-
CE:
docker run --rm registry.gitlab.com/gitlab-org/security-products/analyzers/container-scanning/tmp/grype:b88b07e575153b6d9cba6ec939486b39d1bb588b-ee sh -c 'echo $EE' true
Edited by Dominic Bauer