When having multiple components/microservices in the same repo (monorepo), I cannot test each of them, because the container scanning (+sast+dast) requires exact job name.

Problem to solve

Support job names other than: sast, container_scanning, dast.

Further details

As in this example project, I have 2 service. I would like to be able to test all of them, if their directory has been changed and they are rebuilt. Currently, if I run clair for both of them, the gl-container-scanning-report.json file will be overwritten.

Proposal

What does success look like, and how can we measure that?

Capture clair output for each container image tested and show it on Merge Request page.

Links / references