[CS For Registry] Skip generating CS report when triggered from registry
Description
This is done to prevent ingesting vulnerabilities identified by security report in database on rails monolith side. When the env variable REGISTRY_TRIGGERED is set, we will only generate and ingest SBOM report from CS. This is a temporary change and we will remove this once #459966 is resolved. Currently, we set REGISTRY_TRIGGERED when the CS job is triggered on registry push event.
User Impact
No direct user impact as this is a backend implementation. Although, make sure that user does not see the vulnerabilities created by registry event in development or OCS vulnerability tab.
Non-functional requirements
-
Benchmarking: Assess the performance impact of using the newly introduced data for filtering. -
Testing: Add unit tests/specs.
Verification steps
Run cs job with REGISTRY_TRIGGERED=true. Only sbom report should be generated.
Edited by Aditya Tiwari