Container Scanning: Allow configurable allowlist path

Problem to solve

Container Scanning currently supports providing an allowlist only by including a file named vulnerability-allowlist.yml; the name and location of that file are not configurable.

The purpose of this issue is to provide a new environment variable that the user can use to configure the path to this allowlist file, such as PATH_TO_ALLOWLIST_FILE.

Intended users

Unknown

Further details

Proposal

  1. Update Vulnerability AllowListing docs
  2. Update the Container Scanning tool to accept a PATH_TO_ALLOWLIST_FILE environment variable, falling back to vulnerability-allowlist.yml if the variable is not provided
  3. Test this new PATH_TO_ALLOWLIST_FILE environment variable using the Container Scanning test project

Permissions and Security

What does success look like, and how can we measure that?

The allowlist for container scanning can be specified by setting the PATH_TO_ALLOWLIST_FILE variable to the path of the allowlist file

What is the type of buyer?

Links / references

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.

Edited by Thiago Figueiró