Technical discovery - Secure feature development with Windows runners
Business problem
The groupstatic analysis group has been tasked with implementing SAST for .NET framework, which requires a Windows-based environment to implement. None of our current features require - or work - in this context.
Further, windows shared runners is a capability is new to GitLab.com. There is a documented recipe for using runners on a Windows platform on self-managed instances, however the approach by which this setup is configured and works differs depending upon a customer's context.
Discovery output
- [-]
Get Docker container running on a Windows Server environment in GCP.(Docker won't work for many of our customers) -
Identify a pattern for Secure feature development. - [-]
Learn how to invoke Windows-based docker container from GitLab.com CI.(see note about Docker☝ ) -
Produce developer documentation for engineers in devopssecure. -
Host a demo or brown bag for devopssecure colleagues with results of the discovery.
Scope
This discovery issue is scoped to use a similar environment to the GitLab.com shared Windows runners. We are leaving self-managed instances out of scope for the time being.
Edited by Daniel Paul Searles