Set CS_SCHEMA_MODEL to 15 in Container Scanning CI template (!114411) · Merge requests · GitLab.org / GitLab

Adam Cohen requested to merge 364369-set-cs-schema-model-to-15 into master Mar 13, 2023

What does this MR do and why?

This MR Updates the Container Scanning CI template and sets the internal variable CS_SCHEMA_MODEL introduced in Add support for Security Report Schema 15-0-0 t... (gitlab-org/security-products/analyzers/container-scanning!2847 - merged) so that Container Scanning jobs generate reports that validate version 15-0-0 of the Security Report Schemas. See https://gitlab.com/gitlab-org/security-products/analyzers/container-scanning/-/blob/6217479a12aedfec65d8ce3c1db58649fec3342c/lib/gcs/environment.rb#L111-113

Ref Adopt security report schema 15-0-0 in Containe... (#364369 - closed)

Testing

Tested with a Container Scanning image with support for CS_SCHEMA_MODEL (registry.gitlab.com/gitlab-org/security-products/analyzers/container-scanning/tmp/trivy:8d5b1a2b14f78e6cc3e9adeb83036943871edd58):

When CS_SCHEMA_MODEL is left at the default, produces a gl-container-scanning-report.json which conforms to the 15.0.0 schema.
When CS_SCHEMA_MODEL is changed to 14, produces a gl-container-scanning-report.json which conforms to the 14.1.2 schema.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Mar 15, 2023 by Adam Cohen

Set CS_SCHEMA_MODEL to 15 in Container Scanning CI template

What does this MR do and why?

Testing

MR acceptance checklist

Merge request reports