Feature proposal: Container Scanning support for Kaniko tar files
Release notes
Add release notes to docs.gitlab.com to outline the new configuration options.
Problem to solve
Some organizations who build their projects with Kaniko do not want to run privileged containers in live scan containers. Kaniko does allow for tar files to be generated, which can be scanned by Trivy. Unfortunately, we do not offer the ability for users to configure our container scanner in a way that allows them to pass the --input parameter and tar file to Trivy.
Proposal
Allow users to configure Container Scanning, where they pass the --input parameter and tar file to Trivy.
Intended users
Personas are described at https://about.gitlab.com/handbook/product/personas/
- Delaney (Development Team Lead)
- Amy (Application Security Engineer)
- Alex (Security Operations Engineer)