Transition of Container Scanning feature
This issue is suppose to track transition of Container scanning feature from Protect::Container Security
(deprecated) to Secure::Composition Analysis
.
Scope
- Container Scanning analyzer project (ruby): https://gitlab.com/gitlab-org/security-products/analyzers/container-scanning/
- Cluster Image Scanning module and related code in agentk: https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/
DRIs
Container Security | Composition Analysis |
---|---|
@mparuszewski | @hacks4oats, @adamcohen |
Timeframe
TBD
Things to do
-
Add groupcomposition analysis team as reviewers -
Set @gitlab-org/secure/composition-analysis-be
as a reviewers for automatic scanner updates (CS_REVIEWERS_GROUP_ID
variable) -
Record a walk-trough video or document about Container security projects -
Have a sync sessions when teams can share knowledge (Recording: https://www.youtube.com/watch?v=T6WbS_s2Gik) -
groupcomposition analysis reviews the walkthrough of container-security
-
groupcomposition analysis starts working on features -
Add groupcomposition analysis team as maintainers -
What else?
Edited by Oscar Tovar