Use diff to create remediation patch
What does this MR do?
This MR removes git-core, which was used to create remediations, from container scanning. It uses the diff command instead, which leads to a saving of 36MB of space, about a 6% reduction of the image.
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.gitlab.com/gitlab-org/security-products/analyzers/container-scanning/tmp/trivy 0f02ac041b63d66f7eba65baf1c442f990dba4ea 5d22a936bb94 31 hours ago 524MB
registry.gitlab.com/gitlab-org/security-products/analyzers/container-scanning 6 7e37c1b9248a 18 hours ago 560MB
Note that to remove git-core, I had to revert the following MRs which added fixes relating to Git:
- Disable safe.check and ensure git is available ... (!2839 - merged) through this commit
- Add check for git in remediation (!2903 - merged) via this commit
I also had to cherry-pick the commits made by @thiagocsf from this MR since danger-review bot was complaining about a commit that ends with a period.
What are the relevant issue numbers?
gitlab-org/gitlab#398992 (closed)
Does this MR meet the acceptance criteria?
- Changelog trailer added
- Documentation created/updated for GitLab EE, if necessary
- Documentation created/updated for this project, if necessary
- Documentation reviewed by technical writer or follow-up review issue created
- Job definition updated, if necessary
- Conforms to the code review guidelines
- Conforms to the Go guidelines
- Security reports checked/validated by reviewer
/label sectionsec devopssecure groupcomposition analysis Category:Container Scanning backend
/label typemaintenance
/milestone %16.7
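As an added illustration of the approach described in this MR (not the analyzer's own code), the sketch below builds a remediation patch with plain diff(1) and treats its exit status explicitly, since diff returns 1 when it finds differences. The helper names, the `Dockerfile` path and the file contents are constructed assumptions.

```shell
#!/bin/sh
# Added example, not code from the MR. make_remediation_patch and
# demo_remediation are hypothetical helpers; all inputs are constructed.

# make_remediation_patch ORIGINAL FIXED REPO_PATH
# Prints a unified diff on stdout. Returns 0 when a patch was produced,
# 1 when the files are identical (nothing to remediate), 2 on error.
make_remediation_patch() {
    orig=$1 fixed=$2 repo_path=$3
    [ -r "$orig" ] && [ -r "$fixed" ] || return 2

    # The a/ and b/ labels mimic git's header, so the patch applies with
    # -p1 and does not expose the scanner's temporary file paths.
    # "|| diff_rc=$?" keeps a non-zero diff status from aborting under set -e.
    diff_rc=0
    patch=$(diff -u -L "a/$repo_path" -L "b/$repo_path" "$orig" "$fixed") \
        || diff_rc=$?

    # diff(1): 0 = identical, 1 = differences found, >1 = trouble.
    case $diff_rc in
        0) return 1 ;;
        1) printf '%s\n' "$patch"; return 0 ;;
        *) return 2 ;;
    esac
}

# Constructed sample: an original Dockerfile and a remediated copy.
demo_remediation() {
    dir=$(mktemp -d) || return 2
    printf 'FROM debian:11\nCMD ["app"]\n' > "$dir/orig"
    printf 'FROM debian:11\nRUN apt-get update && apt-get upgrade -y libssl1.1\nCMD ["app"]\n' \
        > "$dir/fixed"
    demo_rc=0
    make_remediation_patch "$dir/orig" "$dir/fixed" Dockerfile || demo_rc=$?
    rm -rf "$dir"
    return "$demo_rc"
}

demo_remediation
```

Treating status 2 as a hard failure keeps a diff error from being reported as "no remediation available".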