Fix bug causing zero vulnerabilities on redhat images
What does this MR do?
This MR does the following:
- Fixes an issue causing container scans on Red Hat based images to return with zero vulnerabilities. The reason why this was happening is because the `Dockerfile` didn't install the `rpm` package properly and only installed the `/bin/rpm` executable and not all of the required library files.
- Adds a new `CLAIR_TRACE` environment variable which defaults to `false`, but when set to `true`, will print all output from the `clair` server process, allowing for easier debugging of issues in the future.

Note: because this MR installs the complete `rpm` package into the final Docker layer, it increases the size of the resulting Docker image from `43.5MB` to `60.2MB`.
What are the relevant issue numbers?
gitlab-org/gitlab#211873 (closed)
Does this MR meet the acceptance criteria?
- Changelog entry added
- Documentation created/updated for GitLab EE, if necessary gitlab-org/gitlab!28322 (merged)
- Documentation created/updated for this project, if necessary
- Documentation reviewed by technical writer or follow-up review issue created
- Tests added for this feature/bug
- Job definition updated, if necessary
- Conforms to the code review guidelines
- Conforms to the Go guidelines
- Security reports checked/validated by reviewer
Edited by Adam Cohen
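
A scanner whose package tooling cannot run should fail the job rather than report zero vulnerabilities. The sketch below is an added example, not code from this project: the function names and the `rpm --version` probe are assumptions, and only the `CLAIR_TRACE` name and its `false` default come from the description above.

```go
package main

import (
	"fmt"
	"io"
	"os"
	"os/exec"
	"strconv"
)

// traceEnabled reports whether CLAIR_TRACE holds a true value.
// Unset or unparsable values fall back to false, the documented default.
func traceEnabled() bool {
	v, err := strconv.ParseBool(os.Getenv("CLAIR_TRACE"))
	return err == nil && v
}

// serverOutput returns the writer a child process should log to:
// the real sink when tracing is on, a discarding writer otherwise.
func serverOutput(trace bool, sink io.Writer) io.Writer {
	if trace {
		return sink
	}
	return io.Discard
}

// checkTool runs "<tool> --version" (an assumed probe) and returns an error
// if the tool cannot be started or exits non-zero, so the caller can fail
// closed instead of publishing an empty report.
func checkTool(tool string, out io.Writer) error {
	cmd := exec.Command(tool, "--version")
	cmd.Stdout, cmd.Stderr = out, out
	if err := cmd.Run(); err != nil {
		return fmt.Errorf("%s is not usable, refusing to report an empty scan: %w", tool, err)
	}
	return nil
}

func main() {
	out := serverOutput(traceEnabled(), os.Stderr)
	if err := checkTool("rpm", out); err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	fmt.Println("rpm preflight passed")
}
```

A `--version` probe only shows that the binary starts; an install that is missing data files rather than shared libraries may need a deeper probe.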