Build image from packaged release
What does this MR do?
Drop multi-stage docker image in favor of fetching gosec release
By no longer relying on the upstream securego image we can keep our base images up to date with a more regular build cycle. This addresses vulnerabilities in upstream alpine images that the securego/gosec image is currently vulnerable to.
Extras
- Removes unnecessary setting of GO111MODULE since we are now on v1.13
- Adds proper error handling of gosec analyzer execution
What are the relevant issue numbers?
Relates to gitlab-org/gitlab#215078 (closed)
Does this MR meet the acceptance criteria?
- Changelog entry added
- [-] Documentation created/updated for GitLab EE, if necessary
- [-] Documentation created/updated for this project, if necessary
- [-] Documentation reviewed by technical writer or follow-up review issue created
- Tests added for this feature/bug
- Job definition updated, if necessary
- Conforms to the code review guidelines
- Conforms to the Go guidelines
- Security reports checked/validated by reviewer
Edited by Daniel Paul Searles