Add Guidelines for Docker images to Secure Technical Documentation
Problem to solve
While working on Engineering discovery: allow secure analyzer docker containers to run as a non-root user to support OpenShift, it was determined that Secure analyzers should run as an unprivileged gitlab user instead of running as root. In order to communicate this information, we need to add it to the Secure Technical Documentation.
Further details
See related discussion here
Proposal
Add a new Guidelines for Docker Images section to the Secure Technical Documentation handbook page. These guidelines should include the following details:
Analyzers MUST be executed using an underprivileged user with the name gitlab
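One way to check the proposed guideline statically, as an added example that is not part of the issue or of GitLab's own tooling: the script reads a Dockerfile and reports which user the final build stage runs as. It assumes the rule is met by a USER instruction in the shipped stage; the function names and both sample Dockerfiles are constructed for illustration.

```python
import re

REQUIRED_USER = "gitlab"  # user name taken from the guideline above

def final_stage_user(dockerfile: str):
    """Return the USER in effect at the end of the last stage, or None if unset."""
    text = re.sub(r"\\[ \t]*\r?\n", " ", dockerfile)  # join continued lines
    stage_user = {}            # stage name -> USER in effect when it ended
    name, user = None, None
    for raw in text.splitlines():
        parts = raw.split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        instr = parts[0].upper()
        arg = parts[1].strip() if len(parts) > 1 else ""
        if instr == "FROM":
            if name:
                stage_user[name] = user
            tokens = [t for t in arg.split() if not t.startswith("--")]
            # FROM <earlier stage> inherits that stage's USER; an external
            # image's default user cannot be known from the Dockerfile alone.
            user = stage_user.get(tokens[0].lower()) if tokens else None
            has_alias = len(tokens) == 3 and tokens[1].upper() == "AS"
            name = tokens[2].lower() if has_alias else None
        elif instr == "USER" and arg:
            user = arg.split(":", 1)[0]  # drop optional ":group"
    return user

def complies(dockerfile: str) -> bool:
    return final_stage_user(dockerfile) == REQUIRED_USER

# Constructed sample: USER is set only in the build stage, so the shipped
# stage still runs as the base image's default user.
BAD = """\
FROM alpine:3.19 AS build
RUN adduser -S gitlab
USER gitlab
FROM alpine:3.19
ENTRYPOINT ["/analyzer"]
"""
# Constructed sample: the final stage creates the user and switches to it.
GOOD = """\
FROM alpine:3.19
RUN addgroup -S gitlab && \\
    adduser -S -G gitlab gitlab
USER gitlab:gitlab
ENTRYPOINT ["/analyzer"]
"""
if __name__ == "__main__":
    for label, df in (("BAD", BAD), ("GOOD", GOOD)):
        print(label, final_stage_user(df), complies(df))
```

A numeric `USER` value or a build-argument reference is reported as non-compliant, because the name cannot be confirmed from the Dockerfile alone.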