Add Guidelines for Docker images to Secure Technical Documentation
Problem to solve
While working on "Engineering discovery: allow secure analyzer docker containers to run as a non-root user to support OpenShift", it was determined that Secure analyzers should run as an unprivileged gitlab user instead of running as root. In order to communicate this information, we need to add it to the Secure Technical Documentation.
Further details
See related discussion here
Proposal
Add a new Guidelines for Docker Images section to the Secure Technical Documentation handbook page. These guidelines should include the following details:
Analyzers MUST be executed using an underprivileged user with the name gitlab
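One way to check a Dockerfile against this guideline, as an added example that is not part of the original issue or of GitLab's code. The function names and sample Dockerfiles are constructed for illustration. Treating a final stage with no USER instruction as a violation is an assumption made here, and variables in USER are not expanded.

```python
import re

REQUIRED_USER = "gitlab"  # user name required by the guideline above

def final_stage_user(dockerfile):
    """Return the USER in effect at the end of the last build stage, or None."""
    text = re.sub(r"\\[ \t]*\r?\n", " ", dockerfile)  # join continued lines
    stage_users = {}            # named stage -> USER in effect when it ended
    name, user = None, None
    for raw in text.splitlines():
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue            # skip blank lines and comments
        instr = parts[0].upper()
        if instr == "FROM":
            if name:
                stage_users[name] = user
            args = [p for p in parts[1:] if not p.startswith("--")]
            is_named = len(args) >= 3 and args[1].upper() == "AS"
            name = args[2].lower() if is_named else None
            # A stage built FROM an earlier named stage inherits its USER;
            # for an external base image the user is unknown (None).
            user = stage_users.get(args[0].lower()) if args else None
        elif instr == "USER" and len(parts) > 1:
            user = parts[1]
    return user

def check_analyzer_dockerfile(dockerfile):
    """Return a list of guideline violations (an empty list means compliant)."""
    user = final_stage_user(dockerfile)
    if user is None:
        return ["final stage sets no USER; the base image's user applies"]
    account = user.split(":", 1)[0]   # USER may be given as user:group
    if account in ("root", "0"):
        return [f"final stage runs as root (USER {user})"]
    if account != REQUIRED_USER:
        return [f"final stage runs as {account!r}, expected {REQUIRED_USER!r}"]
    return []

# Constructed samples: USER is set in the build stage only, then in both.
NON_COMPLIANT = """\
FROM alpine:3 AS build
RUN adduser -D gitlab
USER gitlab
FROM alpine:3
COPY --from=build /analyzer /analyzer
ENTRYPOINT ["/analyzer"]
"""
COMPLIANT = NON_COMPLIANT.replace(
    "ENTRYPOINT", "RUN adduser -D gitlab\nUSER gitlab:gitlab\nENTRYPOINT")
```

The non-compliant sample shows the case a plain text search for `USER gitlab` misses: the instruction is present, but only in a build stage that the final image does not inherit from.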