Extra Container Scanners (Prisma Cloud aka Twistlock and Wiz)


Feature to Dogfood

Internal users currently utilize third-party container scanning in addition to the built-in GitLab container scanner for situations where we need to be able to analyze the results of these third-party scanners, regardless of their accuracy. Doing this requires CI/CD configuration and associated scripts to integrate the results inside a GitLab pipeline.

Given that we need this internally and a few customers have expressed interest in this, I would like to make it publicly available. Based on discussions with @thiagocsf I believe this does not align with product vision, so I think it instead makes sense to build this as a CI/CD component project to add to the CI/CD catalog. We've discussed this internally, but as part of the new project process, the decision to use a new component and not build a GitLab feature needs to be documented in a dogfooding issue.

FYI @thiagocsf @greg @johncrowley

Goals

Production usage within GitLab. Additionally I'd like to share this so customers can use it without having to rewrite it themselves.

Progress Tracker

  • Twistlock CI/CD Component
  • Report Transformer script for Twistlock outputs
  • Wiz container scan CI/CD Component
  • Report Transformer script for Wiz outputs
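As an added illustration of what the "Report Transformer script" tracker items and the "associated scripts to integrate the results inside a GitLab pipeline" mentioned above involve (this is example code written for this issue, not the component, GitLab's, or Palo Alto's code): a script that turns a `twistcli images scan --output-file` style JSON result into a GitLab container scanning report. The input shape (`results[].vulnerabilities[]` with `id`, `severity`, `packageName`, `packageVersion`, `status`, `link`) is my assumption about twistcli's output, the sample input is constructed, and the `moderate`/`important` severity aliases are assumed too; the output follows GitLab's security report schema 15.x for the `container_scanning` category.

```python
"""Transform twistcli-style JSON (Prisma Cloud / Twistlock) into a GitLab
container scanning report.  Added example for this issue, not the
component's own code; the input field names are an assumption."""
import json
import sys
from datetime import datetime, timezone

REPORT_SCHEMA_VERSION = "15.0.4"  # GitLab security report schema

# Severity values GitLab accepts. Prisma also emits "moderate"/"important"
# for some distros (assumption); anything unrecognised becomes Unknown.
_SEVERITY_ALIASES = {"moderate": "medium", "important": "high", "negligible": "low"}
_GITLAB_SEVERITIES = {"critical": "Critical", "high": "High", "medium": "Medium",
                      "low": "Low", "info": "Info", "unknown": "Unknown"}

# Constructed sample in the shape twistcli writes with --output-file
# (results[].vulnerabilities[]). The field names are an assumption.
SAMPLE_TWISTLOCK = {
    "results": [{
        "name": "registry.example.com/app:1.2.3",
        "distro": "Debian GNU/Linux 12 (bookworm)",
        "vulnerabilities": [
            {"id": "CVE-2023-0001", "severity": "critical", "cvss": 9.8,
             "packageName": "libexample", "packageVersion": "1.0-1",
             "status": "fixed in 1.0-2", "link": "https://example.invalid/CVE-2023-0001",
             "description": "Constructed sample finding."},
            {"id": "CVE-2023-0002", "severity": "moderate", "cvss": 5.3,
             "packageName": "otherlib", "packageVersion": "2.4.0",
             "status": "", "link": "", "description": ""},
        ],
    }],
}


def map_severity(raw) -> str:
    """Normalise a scanner severity string to one of GitLab's severity names."""
    key = (raw or "").lower()
    return _GITLAB_SEVERITIES.get(_SEVERITY_ALIASES.get(key, key), "Unknown")


def transform(scan: dict, scanner_version: str = "unknown") -> dict:
    """Return a dict shaped like GitLab's container_scanning report."""
    vulnerabilities = []
    for result in scan.get("results", []):
        image = result.get("name", "")
        distro = result.get("distro", "")
        for v in result.get("vulnerabilities", []):
            cve = v.get("id", "")
            pkg = v.get("packageName", "")
            version = v.get("packageVersion", "")
            link = v.get("link") or f"https://nvd.nist.gov/vuln/detail/{cve}"
            vulnerabilities.append({
                # id must be unique within the report; one CVE can hit several packages
                "id": f"{cve}:{pkg}:{version}",
                "category": "container_scanning",
                "name": cve,
                "description": v.get("description") or f"{cve} in {pkg} {version}",
                "severity": map_severity(v.get("severity")),
                # twistcli puts the fix information in "status" (e.g. "fixed in 1.0-2")
                "solution": v.get("status") or "No fix available",
                "identifiers": [{"type": "cve", "name": cve, "value": cve, "url": link}],
                "links": [{"url": link}],
                "location": {
                    "image": image,
                    "operating_system": distro,
                    "dependency": {"package": {"name": pkg}, "version": version},
                },
            })
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S")
    return {
        "version": REPORT_SCHEMA_VERSION,
        "vulnerabilities": vulnerabilities,
        "scan": {
            "scanner": {"id": "twistlock", "name": "Prisma Cloud (Twistlock)",
                        "vendor": {"name": "Palo Alto Networks"}, "version": scanner_version},
            "analyzer": {"id": "twistlock-report-transformer", "name": "Twistlock report transformer",
                         "vendor": {"name": "example"}, "version": "0.1.0"},
            "type": "container_scanning",
            "start_time": now,
            "end_time": now,
            "status": "success",
        },
    }


def transform_file(src: str, dst: str = "gl-container-scanning-report.json") -> int:
    """Read twistcli JSON from src, write the GitLab report to dst, return the finding count."""
    with open(src, encoding="utf-8") as fh:
        report = transform(json.load(fh))
    with open(dst, "w", encoding="utf-8") as fh:
        json.dump(report, fh, indent=2)
    return len(report["vulnerabilities"])


if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(transform_file(*sys.argv[1:3]), "findings written")
    else:
        print(json.dumps(transform(SAMPLE_TWISTLOCK), indent=2))
```

For the pipeline to pick the result up, the job that runs this script declares the written file under `artifacts: reports: container_scanning:`; GitLab then ingests it like a report from its own analyzer, which is what lets the third-party findings show up in the vulnerability report and MR widget regardless of which scanner produced them. The Wiz transformer would be the same shape with a different input mapping.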

Why Dogfooding is Important
