Rename whitelist to allowlist in Container Scanning
Summary
The Container Scanning tool currently makes use of a vulnerability whitelist file named `clair-whitelist.yml` which is documented here.
Since Whitelist/Blacklist have connotations about value and map to racial terms, we should rename `clair-whitelist.yml` to `vulnerability-allowlist.yml`.
Implementation Plan
- Change whitelist references in the GitLab Container Scanning tool to use the term allowlist
- Maintain backwards compatibility so that either a `clair-whitelist.yml` or `vulnerability-allowlist.yml` file can be provided.
- Update the GitLab Container Scanning documentation to rename `Vulnerability whitelisting` to `Specifying a list of allowed vulnerabilities` and change all `whitelist` references to use `allowlist` instead.
- Update container scanning test project to use `vulnerability-allowlist.yml`
Involved components
Testing
SET should include in any end to end test the following functionality
- Usage of `vulnerability-allowlist.yml`
- Backward compatibility to allow either `clair-whitelist.yml` or `vulnerability-allowlist.yml`
Edited by Can Eldem
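
The backward-compatible lookup from the implementation plan, as an added sketch that is not part of the issue and not the Container Scanning tool's own code. `ResolveAllowlist` and `ErrNoAllowlist` are hypothetical names, and the precedence when both files are present (new name wins) is an assumption, since the issue does not specify it.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
)

// File names taken from the issue text.
const (
	allowlistName = "vulnerability-allowlist.yml"
	legacyName    = "clair-whitelist.yml"
)

// ErrNoAllowlist means neither file is present, so no finding is suppressed.
var ErrNoAllowlist = errors.New("no allowlist file found")

// ResolveAllowlist (hypothetical helper) returns the file to load from dir and
// whether it carries the legacy name. Assumption: if both exist, the new name wins.
func ResolveAllowlist(dir string) (path string, legacy bool, err error) {
	for i, name := range []string{allowlistName, legacyName} {
		p := filepath.Join(dir, name)
		info, statErr := os.Stat(p)
		if errors.Is(statErr, os.ErrNotExist) {
			continue // try the next candidate name
		}
		if statErr != nil {
			return "", false, fmt.Errorf("checking %s: %w", name, statErr)
		}
		if !info.Mode().IsRegular() {
			// A directory or device with this name is reported, not silently skipped.
			return "", false, fmt.Errorf("%s is not a regular file", name)
		}
		return p, i == 1, nil
	}
	return "", false, ErrNoAllowlist
}

func main() {
	path, legacy, err := ResolveAllowlist(".")
	if err != nil {
		fmt.Println("allowlist not loaded:", err)
		return
	}
	fmt.Printf("using %s (legacy name: %v)\n", path, legacy)
}
```

Returning the `legacy` flag lets the caller log a rename hint when a project still ships `clair-whitelist.yml`.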