Fix broken allowlist caused by update to schema v15
Why is this change being made?
Allowlist behavior was broken by removal of cve
field in schema v15, implemented as part of Add support for Security Report Schema 15-0-0 t... (!2847 - merged).
- Re-enable
alpine
andoraclelinux
EE integration tests now that the following have been completed: - Fix incorrect allowlist integration tests
- Add integration tests for schema v15
Testing
-
Container Scanning
v5.3.1
, with bug present-
-
✅ Report artifact for schema versionversion: "14.1.2"
shows no vulnerabilities, as expected.
-
-
-
❌ Report artifact for schema versionversion: "15.0.4"
shows vulnerabilities, which is incorrect.
-
-
-
Container Scanning
v5.3.2
, with bugfix-
-
✅ Report artifact for schema versionversion: "14.1.2"
shows no vulnerabilities, as expected.
-
-
-
✅ Report artifact for schema versionversion: "15.0.4"
shows no vulnerabilities, as expected.
-
-
What are the relevant issue numbers?
Vulnerability allowlisting no longer works with... (gitlab-org/gitlab#398187 - closed)
Edited by Adam Cohen