Move gosec download into first Docker build stage
What does this MR do?
Move gosec download into first Docker build stage
Why:
- Downloading gosec with
ADDis convenient but caches the tarball so that it can't be removed in a later Docker layer.
This change addresses the need by:
- Move the gosec tarball download, validation, and untar into build stage.
Side effects:
- A slightly smaller Docker image is created.
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
- [-] Changelog entry added
- [-] Documentation created/updated for GitLab EE, if necessary
- [-] Documentation created/updated for this project, if necessary
- [-] Documentation reviewed by technical writer or follow-up review issue created
- [-] Tests added for this feature/bug
- [-] Job definition updated, if necessary
- [-] Auto-DevOps template
- [-] Job definition example
- [-] CI Templates
-
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer