Make trivy-k8s-wrapper FIPS compliant
Problem
Gitlab-agent works in -fips
mode. Operational Container Scanning (OCS)
prior to %16.9 was enabled by default. However, OCS uses the trivy-k8s-wrapper that is not -fips
compliant.
When gitlab-agent runs in fips
mode, we must disable OCS
so that the agent can run (see #439441 (closed)). This causes impact on users and prevents them from using OCS
.
Goal
Make trivy-k8s-wrapper
fips compliant.
Edited by John Crowley