Technical discovery - Secure feature development with Windows runners

Business problem

The groupstatic analysis group has been tasked with implementing SAST for .NET framework, which requires a Windows-based environment to implement. None of our current features require - or work - in this context.

Further, windows shared runners is a capability is new to GitLab.com. There is a documented recipe for using runners on a Windows platform on self-managed instances, however the approach by which this setup is configured and works differs depending upon a customer's context.

Discovery output

1. [-] Get Docker container running on a Windows Server environment in GCP. (Docker won't work for many of our customers)
2. Identify a pattern for Secure feature development.
3. [-] Learn how to invoke Windows-based docker container from GitLab.com CI. (see note about Docker ☝)
4. Produce developer documentation for engineers in devopssecure.
5. Host a demo or brown bag for devopssecure colleagues with results of the discovery.

Scope

This discovery issue is scoped to use a similar environment to the GitLab.com shared Windows runners. We are leaving self-managed instances out of scope for the time being.