Design a way to bring together container scanning and the container registry
The following page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.
Problem to solve
https://docs.gitlab.com/ee/user/application_security/container_scanning/#container-scanning-ultimate currently requires a GitLab CI to be configured.
Why are containers not scanned when pushed to a GitLab container registry ?
Intended users
Further details
- Docker Enterprise Security Scan - https://docs.docker.com/ee/dtr/user/manage-images/scan-images-for-vulnerabilities/
- https://coreos.com/quay-enterprise/docs/latest/security-scanning.html
Proposal
Scan all containers automatically when it is pushed into a GitLab container registry.
Permissions and Security
Documentation
Testing
What does success look like, and how can we measure that?
What is the type of buyer?
Links / references
The implementation work for this is blocked by &2313 (closed)