Skip to content

Security Analyzer: container-scanning merge to origin

Summary

The final item of Convert all GitLab Secure (security scanning) i... (&6 - closed) is to merge these changes to the primary product repository (https://gitlab.com/security-products/container-scanning)

Details

To make this a part of the product itself, the changes of this repository's primary branch (distroless) must be merged to the origin.

To perform this work:

  1. Ensure distroless includes and is compatible with the current state of the upstream primary (master) by merging that branch into the working branch of this project.
    • Fetch master, merge main into distroless, push to repository.
  2. Prepare an within this project to test merge to master, do not merge.
    • Mark as Draft, add note in description with DO NOT MERGE.
  3. Prepare an MR to the primary repository only after the previous step shows as safe.
    • Follow normal process. This MR, being a large change, will need a confirmed review from >1 maintainer.

Further

See also https://gitlab.com/gitlab-com/gitlab-OKRs/-/work_items/7017#deliverables

Acceptance

  • Changes from this repository for the Distroless implementation are merged to the primary repository
Edited by Jason Plum