Add vuln-type parameter to CS Trivy SBOM scan
What does this MR do?
Pass the vuln-type parameter, based on the "report language-specific findings" option to the Trivy SBOM command in container scanning, to avoid scanning non-OS packages unnecessarily. Resolves Non OS packages are present in the CycloneDX SB... (gitlab-org/gitlab#435390 - closed) • Yasha Rise • 17.1.
What are the relevant issue numbers?
gitlab-org/gitlab#435390 (closed)
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Oscar Tovar