Default credentials
Container scanning uses DOCKER_USER and DOCKER_PASSWORD (https://docs.gitlab.com/ee/user/application_security/container_scanning/) for authenticated registries.
The new analyzer using Trivy doesn't use these variables, forcing users to set TRIVY_USERNAME and TRIVY_PASSWORD manually.
We want to avoid this manual setup and, more importantly, maintain the existing behaviour.
Edited by Thiago Figueiró