Working with Docker on Windows
## What does this MR do?

I successfully built and used security-code-scan "Docker on Windows" for WebGoat.NET.

I don't think we can easily combine "classic" security-code-scan and "framework" security-code-scan, as they don't use the same base Docker images, and it may require pushing multiple flavors for each .NET Framework version depending on the project.

I pushed the two images to Docker Hub if you want a quick try.
From Windows, with Docker on Windows Server:

```
git clone https://github.com/jerryhoff/WebGoat.NET
cd WebGoat.NET
docker run --interactive --tty --rm --volume "%cd%":C:\tmp\app --env CI_PROJECT_DIR=C:\tmp\app\WebGoat agix/security-code-scan-framework:3.5_3.2.0
```
I didn't take time to use it directly from GitLab CI with SAST, but I bet SAST_ANALYZER_IMAGES would do the trick (and I have to figure out how to tell SAST to use my image in case this is a .NET Framework project).

I also need more projects to test on, so help is appreciated.
## What are the relevant issue numbers?

https://gitlab.com/gitlab-org/gitlab-ee/issues/6289
## Does this MR meet the acceptance criteria?

- [ ] Changelog entry added
- [ ] Documentation created/updated for GitLab EE, if necessary
- [ ] Documentation created/updated for this project, if necessary
- [ ] Documentation reviewed by technical writer or follow-up review issue created
- [ ] Tests added for this feature/bug
- [ ] Job definition updated, if necessary
- [ ] Conforms to the code review guidelines
- [ ] Conforms to the Go guidelines
- [ ] Security reports checked/validated by reviewer