Spawn Docker-based analyzers
What does this MR do?
This is a full rewrite of SAST where each analyzer is implemented as a standalone Docker image. This project now handles some kind of orchestrator that's responsible for spawning the Docker containers and merging the results into a single artifact.
This new implementation is written in Go and leverages the common library shared by the analyzers. It queries the analyzer plugins to perform a compatibility check prior to pulling the image and spawning the container.
Why was this MR needed?
This is essential for ease of maintenance. Adding a new analyzer is now as simple as creating a new analyzer project using the common library. Also, this new design makes it possible to create custom analyzers in the form of Docker images that follow the conventions described in the common library.
Does this MR meet the acceptance criteria?
- Changelog entry added, if necessary
- Documentation created/updated
- Tests added for this feature/bug