Recommended installation instructions for container scanning create dashboard noise
The documentation for container scanning encourages scanning a container built with each unique SHA. This means that any vulnerabilities found will be resolved when a new commit is added to a branch. This will cause a lot of noise on the dashboard.
An example of this problem is shown in this video.
https://www.loom.com/share/25c2c04c930447e9843325e489bdfa32
Implementation Plan
- documentation: Update the Configuration section in doc/user/application_security/container_scanning/index.md to follow the script in Jobs/Build.gitlab-ci.yml or to use:

    include:
      - template: Jobs/Build.gitlab-ci.yml