Report vulnerability on unsupported OS
requested to merge gitlab-community/security-products/analyzers/container-scanning:unsupported-os into master
-
Please check this box if this contribution uses AI-generated content (including content generated by GitLab Duo features) as outlined in the GitLab DCO & CLA
What does this MR do?
This merge request allow the addition of a finding when the OS is detected to be no longer supported.
By default the feature is not enabled and can be controlled with the following variables:
Variable | Default Value | Description |
---|---|---|
CS_REPORT_OS_EOL | "" | When this variable is set and the OS is detected to be no longer supported a vulnerability will be added to the report with the severity defined by the value of the CS_REPORT_EOL_SEVERITY variable. |
CS_REPORT_EOL_SEVERITY | Critical | The severity associated with a no longer supported OS. This could be any of the possible severity. If the severity is invalid or not defined the default Critical severity will be used. |
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by 🤖 GitLab Bot 🤖