Secure-Binaries.gitlab-ci.yml: use Skopeo to copy container images (!190948) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

Secure-Binaries.gitlab-ci.yml template is used to copy container images of security scanning products to local container registry, but uses Docker to do the job, which requires complex setup on Kubernetes runner, and not secure.

This MR replaces Docker with Skopeo that run perfectly on both Docker and Kubernetes runners.

References

How to set up and validate locally

Copy contents of the template into .gitlab-ci.yaml and it'll download container images of security products.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited May 12, 2025 by Dulmandakh

Secure-Binaries.gitlab-ci.yml: use Skopeo to copy container images

What does this MR do and why?

References

How to set up and validate locally

MR acceptance checklist

Merge request reports