Container Scanning fails on GKE K8s cluster

Summary

Container Scanning is failing out of the box when used with a K8s cluster created on GKE.

Steps to reproduce

1. Create a project on GitLab.com in a namespace with Gold.
2. Create a K8s cluster (group or project level) on GKE and install all of your applications via GitLab Managed Apps.
3. Run a pipeline. 4 Observe that container scanning fails with the error listed below.

Example Project

gitlab-gold/vue-ci

• Failed job
• .gitlab-ci.yml

However, this also fails on a customers project with just the Container Scanning template include as the contents of .gitlab-ci.yml.

(If you are using an older version of GitLab, this will also determine whether the bug is fixed in a more recent version)

What is the current bug behavior?

The container scanning job fails with:

An error occurred while attempting to scan the container from registry 'registry.gitlab.com/gitlab-gold/vue-ci/master:7a2a509cc72878ab36dec079f3dd95d174e62241', exiting

What is the expected correct behavior?

The container scanning job should pass.

Output of checks

This bug happens on GitLab.com 12.3.0-pre 223d3b87fd2

ZD: https://gitlab.zendesk.com/agent/tickets/136696 (GitLab Internal)

/cc @NicoleSchwartz