Container Scanning - Enable scan of multiple images

Problem to solve

Allow scanning multiple container images in the same pipeline, as some changes might impact multiple images and introduce security issues in them.

As the maintainer of a large monolithic project, I need to scan several images. This set of images may change on a semi-frequent basis, and I would like to be able to dynamically feed the list of images to Container Scanning so that I do not need to make changes to my .gitlab-ci.yml for each image.

The GitLab AppSec team also mentioned that they need to scan upwards of 40 images, and it's tedious to create separate CI jobs for each.

Intended users

Further details

Proposal

  • validate that all prerequisite work is achieved (see blocking issues)
  • update documentation

Permissions and Security

Documentation

Availability & Testing

What does success look like, and how can we measure that?

What is the type of buyer?

Is this a cross-stage feature?

Links / references
