Skip to content
GitLab
Next
    • GitLab: the DevOps platform
    • Explore GitLab
    • Install GitLab
    • How GitLab compares
    • Get started
    • GitLab docs
    • GitLab Learn
  • Pricing
  • Talk to an expert
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
    Projects Groups Topics Snippets
  • Register
  • Sign in
  • GitLab FOSS GitLab FOSS
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
    • Locked files
  • Issues 23
    • Issues 23
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
    • Requirements
  • Merge requests 0
    • Merge requests 0
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Package Registry
    • Container Registry
    • Terraform modules
    • Model experiments
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • Code review
    • Insights
    • Issue
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar
  • GitLab.orgGitLab.org
  • GitLab FOSSGitLab FOSS
  • Issues
  • #56668
Closed (moved) (moved)
Open
Issue created Jan 22, 2019 by Fabio Busatto@bikebillyContributor

Use Container Scanning for our GitLab images

Problem to solve

We create Docker images during our GitLab development in different places:

  1. GitLab releases
  2. GitLab Review Apps
  3. GitLab security features
  4. ...

We should use our Container Scanning features to check the security of those images, and figure out if we need to introduce new features to support our internal flow.

Proposal

  • Check why Container Scanning is not used in our internal projects
  • Improve the feature to support our internal flow, if needed
  • Enable Container Scanning for our internal flow (releases, review apps, security products, etc)
Assignee
Assign to
Time tracking