Use Container Scanning for our GitLab images
Problem to solve
We create Docker images during our GitLab development in different places:
- GitLab releases
- GitLab Review Apps
- GitLab security features
- ...
We should use our Container Scanning features to check the security of those images, and figure out if we need to introduce new features to support our internal flow.
Proposal
-
Check why Container Scanning is not used in our internal projects -
Improve the feature to support our internal flow, if needed -
Enable Container Scanning for our internal flow (releases, review apps, security products, etc)