Store container scanning SBoMs as reports
Proposal
Similar to Store dependency scanning SBoMs as reports (!99126 - merged) for dependency scanning, we need to make the same changes to the container scanning template once Generate SBOM in Container Scanning for Trivy-b... (#396381 - closed) has been completed.
Implementation Plan
- Update the following templates: Add the cyclonedx report artifact:
artifacts: reports: container_scanning: gl-container-scanning-report.json dependency_scanning: gl-dependency-scanning-report.json + cyclonedx: "**/gl-sbom-*.cdx.json" -
Run a manual test to ensure that the container_scanning report artifact can be downloaded from a pipeline.
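Review bot: the added line cyclonedx: "**/gl-sbom-*.cdx.json" uses a recursive glob, so every file in the job's working directory whose name matches gl-sbom-*.cdx.json is stored as an SBOM report, not only the one the container scanner writes. Confirm that the file name the scanner emits matches this pattern, and narrow the path if its output location is fixed. The manual test step above names only the container_scanning report; also checking that the cyclonedx report is stored would exercise the line this change adds.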
Edited by Adam Cohen