Migrate the security products to the vendored templates for security CI jobs
Problem to solve
Currently, the security products' CI config files refer to the templates from https://gitlab.com/gitlab-org/security-products/ci-templates/tree/master/includes. After the arrival of the vendored CI templates for security products, it creates a redundancy: the CI templates of identical content and purpose will be kept in multiple places.
Intended users
~Secure team developers
Proposal
While the ~Secure team cannot abandon this ci-templates repo because of the dev-includes
stored there, it would be still beneficial to use the vendored GitLab CI templates for the same purpose:
- reducing the number of places where the security job definitions are maintained (vendored templates and Auto DevOps template)
- dogfooding: the same vendored templates will be used by GitLab users at the same time
What does success look like, and how can we measure that?
The ~Secure team updates only the vendored templates and Auto DevOps template during the release cycle of the security products.
Links / references
Vendored CI templates for security products (epic)
/cc @gl-secure