Monitor external tools used by Security Products for available updates
Description
Security Products (CodeQuality, SAST, Dependency Scanning, Container Scanning, DAST) rely on external tools that are sometimes downloaded at runtime and sometimes bundled. Either way, to ensure compatibility we need to lock the versions of the tools we use and only upgrade them after they have been validated.
This means we need to have a monitoring tool that checks the updates of these tools.
Proposal
We can leverage the scheduled pipelines to run one or multiple jobs that will check if new versions are available for these tools.
The first iteration could simply fail the job to notify the @gl-security-products team members by email, but we could also post a Slack notification to the #security-products channel.
Edited by Olivier Gonzalez
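A sketch of the check such a scheduled job could run, added here as an illustration and not taken from the issue or the project: it compares locked versions against upstream release lists and returns a non-zero exit code so the job fails. The tool names, versions and the `SAMPLE_UPSTREAM` data are constructed placeholders; a real job would fill that mapping from each tool's release feed.

```python
import re
import sys

# Constructed sample data: tool names and versions are hypothetical placeholders.
LOCKED = {"scanner-a": "2.3.1", "scanner-b": "v0.14.0", "scanner-c": "1.0.0"}
SAMPLE_UPSTREAM = {
    "scanner-a": ["2.3.0", "2.3.1", "2.10.0", "3.0.0-rc1"],
    "scanner-b": ["v0.13.2", "v0.14.0"],
    # scanner-c is deliberately absent to model a failed upstream lookup
}

_VERSION = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?$")

def parse(version):
    """Return ((major, minor, patch), is_prerelease), or None if unparseable."""
    m = _VERSION.match(version.strip())
    if not m:
        return None
    return tuple(int(g) for g in m.group(1, 2, 3)), m.group(4) is not None

def latest_stable(versions):
    """Highest non-prerelease version, compared numerically (2.10.0 > 2.3.1)."""
    stable = [(p[0], v) for v in versions if (p := parse(v)) and not p[1]]
    return max(stable)[1] if stable else None

def check(locked, upstream):
    """Return ({tool: (locked, latest)} for outdated tools, [tools not checkable])."""
    outdated, errors = {}, []
    for tool, pinned in sorted(locked.items()):
        latest = latest_stable(upstream.get(tool, []))
        current = parse(pinned)
        if latest is None or current is None:
            errors.append(tool)  # never treat "could not check" as "up to date"
        elif parse(latest)[0] > current[0]:
            outdated[tool] = (pinned, latest)
    return outdated, errors

def main(locked=LOCKED, upstream=SAMPLE_UPSTREAM):
    outdated, errors = check(locked, upstream)
    for tool, (pinned, latest) in outdated.items():
        print(f"UPDATE AVAILABLE {tool}: locked {pinned}, latest {latest}")
    for tool in errors:
        print(f"CHECK FAILED {tool}: no usable upstream version list")
    return 1 if outdated or errors else 0  # non-zero exit fails the job

if __name__ == "__main__":
    sys.exit(main())
```

Pre-release tags are ignored so that a release candidate does not trigger a notification, and a tool whose upstream list cannot be read fails the job instead of passing silently.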