Ensure dockerfile and dockerfile.fips scanner versions are the same (!327) · Merge requests · GitLab.org / security-products / ci-templates · GitLab

Zach Rice requested to merge feat/scanner-version-check into master Aug 11, 2022

What does this MR do?

This MR introducing a SAST only job that checks if dockerfile and dockerfile.fips scanner versions are the same

SAST analyzer w/ no Docker.fips file: https://gitlab.com/gitlab-org/security-products/analyzers/pmd-apex/-/pipelines/611213891
SAST analyzer w/ Docker.fips file: https://gitlab.com/gitlab-org/security-products/analyzers/semgrep/-/jobs/2847312056

What are the relevant issue numbers?

gitlab-org/gitlab#357564 (closed)

Does this MR meet the acceptance criteria?

Tests added for this feature/bug

Edited Aug 12, 2022 by Zach Rice