Skip generating cs report
What does this MR do?
Skip generating cs report when scan is triggered from registry.
This is done to prevent ingesting vulnerabilities identified by security report in database on rails monolith side. When the env variable REGISTRY_TRIGGERED is set, we will only generate and ingest SBOM report from CS. This is a temporary change and we will remove this once gitlab-org/gitlab#459966 is resolved. Currently, we set REGISTRY_TRIGGERED when the CS job is triggered on registry push event.
What are the relevant issue numbers?
gitlab-org/gitlab#460855 (closed)
Steps to test
Run cs job with REGISTRY_TRIGGERED=true. Only sbom report should be generated.
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Aditya Tiwari