Build image from packaged release (!39) · Merge requests · GitLab.org / security-products / analyzers / gosec

Lucas Charles requested to merge build-image-from-packaged-release into master May 18, 2020

What does this MR do?

Drop multi-stage docker image in favor of fetching gosec release

By no longer relying on the upstream securego image we can keep our base images up to date with a more regularly build cycle. This addresses vulnerabilities in upstream alpine images that securego/gosec image is currently vulnerable to

Extras

Removes unnecessary setting of GO111MODULE since we are now on v1.13
Adds proper error handling of gosec analyzer execution

What are the relevant issue numbers?

Relates to gitlab-org/gitlab#215078 (closed)

Does this MR meet the acceptance criteria?

Changelog entry added
[-] Documentation created/updated for GitLab EE, if necessary
[-] Documentation created/updated for this project, if necessary
[-] Documentation reviewed by technical writer or follow-up review issue created
Tests added for this feature/bug
Job definition updated, if necessary
Conforms to the code review guidelines
Conforms to the Go guidelines
Security reports checked/validated by reviewer

Edited Jun 16, 2020 by Daniel Paul Searles

Build image from packaged release

What does this MR do?

Extras

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Merge request reports