Migrate agent vulnerability scanning to Trivy k8s

Why are we doing this work

Starboard is deprecated, is being merged into Trivy instead. The Starboard library which we use for agent vulnerability scanning is no longer receiving updates. We need to migrate Trivy so that we can continue to maintain the operational container scanning feature.

Relevant links

Non-functional requirements

Documentation:
Feature flag:
Performance:
Testing:

Implementation plan

In gitlab-agent replace the scanJob.scan function to:
1. Start a Trivy Pod with a trivy container image eg aquasec/trivy:0.38.3
2. Retrieve the scan report from Trivy Pod logs
Modify report.go to convert the report to the expected format.

Spike project created to validate the above implementation plan.

This thread contains context that led to this new implementation plan.

Verification steps

Auto-Summary 🤖

Discoto Usage

Points

Discussion points are declared by headings, list items, and single lines that start with the text (case-insensitive) point:. For example, the following are all valid points:

#### POINT: This is a point

* point: This is a point

+ Point: This is a point

- pOINT: This is a point

point: This is a **point**

Note that any markdown used in the point text will also be propagated into the topic summaries.

Topics

Topics can be stand-alone and contained within an issuable (epic, issue, MR), or can be inline.

Inline topics are defined by creating a new thread (discussion) where the first line of the first comment is a heading that starts with (case-insensitive) topic:. For example, the following are all valid topics:

# Topic: Inline discussion topic 1

## TOPIC: **{+A Green, bolded topic+}**

### tOpIc: Another topic

Quick Actions

Action Description

/discuss sub-topic TITLE Create an issue for a sub-topic. Does not work in epics

/discuss link ISSUABLE-LINK Link an issuable as a child of this discussion

Action	Description
`/discuss sub-topic TITLE`	Create an issue for a sub-topic. Does not work in epics
`/discuss link ISSUABLE-LINK`	Link an issuable as a child of this discussion

Last updated by this job

TOPIC Trivy k8s is currently marked as experimental #366262 (comment 1254860629)
TOPIC Resource usage of Trivy k8s #366262 (comment 1254867918)
TOPIC Unable to configure Trivy image with Trivy k8s #366262 (comment 1254931662)

Discoto Settings

---
summary:
  max_items: -1
  sort_by: created
  sort_direction: ascending

See the settings schema for details.

Edited Mar 31, 2023 by Shao Ming Tan