include scanning

60473155 · Virgile Gerecke · 9c485282 · 60473155
Verified Commit 60473155 authored 3 years ago by Virgile Gerecke
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -6,32 +6,9 @@ stages:
 variables:
  CONTAINER_TEST_IMAGE: $CI_REGISTRY/docker/python3.9-ci:$CI_COMMIT_REF_NAME
  CONTAINER_RELEASE_IMAGE: $CI_REGISTRY/docker/python3.9-ci:latest
-  CS_ANALYZER_IMAGE: registry.gitlab.com/security-products/container-scanning:4

-container_scanning:
-  image: "$CS_ANALYZER_IMAGE"
-  stage: test
-  variables:
-    # To provide a `vulnerability-allowlist.yml` file, override the GIT_STRATEGY variable in your
-    # `.gitlab-ci.yml` file and set it to `fetch`.
-    # For details, see the following links:
-    # https://docs.gitlab.com/ee/user/application_security/container_scanning/index.html#overriding-the-container-scanning-template
-    # https://docs.gitlab.com/ee/user/application_security/container_scanning/#vulnerability-allowlisting
-    GIT_STRATEGY: none
-  allow_failure: true
-  artifacts:
-    reports:
-      container_scanning: gl-container-scanning-report.json
-      dependency_scanning: gl-dependency-scanning-report.json
-    paths: [gl-container-scanning-report.json, gl-dependency-scanning-report.json]
-  dependencies: []
-  script:
-    - gtcs scan
-  rules:
-    - if: $CONTAINER_SCANNING_DISABLED
-      when: never
-    - if: $CI_COMMIT_BRANCH &&
-          $GITLAB_FEATURES =~ /\bcontainer_scanning\b/
+include:
+  - template: Security/Container-Scanning.gitlab-ci.yml

 .build-image:
  image: