diff options
author | Seth Berger <4310743-sethgitlab@users.noreply.gitlab.com> | 2019-08-26 10:40:58 -0500 |
---|---|---|
committer | Seth Berger <4310743-sethgitlab@users.noreply.gitlab.com> | 2019-08-26 10:40:58 -0500 |
commit | c1e4e93086b44ba512193e009286001df826a671 (patch) | |
tree | 612c81298c2015b9c6b61aae536d80b1a255845d | |
parent | 336ef2a98cf74b0a49474816031657efbe14f3b2 (diff) | |
download | gitlab-ce-doc-sethgitlab-csupdate.tar.gz |
Updated container scanningdoc-sethgitlab-csupdate
Updated container scanning docs with a sample config
-rw-r--r-- | doc/user/application_security/container_scanning/index.md | 32 |
1 files changed, 31 insertions, 1 deletions
diff --git a/doc/user/application_security/container_scanning/index.md b/doc/user/application_security/container_scanning/index.md index 86491c7d74e..7b631a5a1cd 100644 --- a/doc/user/application_security/container_scanning/index.md +++ b/doc/user/application_security/container_scanning/index.md @@ -94,6 +94,36 @@ If you want to whitelist some specific vulnerabilities, you can do so by definin them in a YAML file named `clair-whitelist.yml`. Read more in the [Clair documentation](https://github.com/arminc/clair-scanner/blob/master/README.md#example-whitelist-yaml-file). +## Example + +The following is a sample `.gitlab-ci.yml` that will build your Docker Image, push it to the container registry and run Container Scanning. + +```yaml +variables: + DOCKER_DRIVER: overlay2 + +services: + - docker:stable-dind + +stages: + - build + - test + +include: + - template: Container-Scanning.gitlab-ci.yml + +build: + image: docker:stable + stage: build + variables: + IMAGE: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA + script: + - docker info + - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY + - docker build -t $IMAGE . + - docker push $IMAGE +``` + ## Security Dashboard The Security Dashboard is a good place to get an overview of all the security @@ -125,4 +155,4 @@ docker: Error response from daemon: failed to copy xattrs: failed to set xattr " This is a result of a bug in Docker which is now [fixed](https://github.com/containerd/continuity/pull/138 "fs: add WithAllowXAttrErrors CopyOpt"). To prevent the error, ensure the Docker version that the Runner is using is `18.09.03` or higher. For more information, see -[issue #10241](https://gitlab.com/gitlab-org/gitlab-ee/issues/10241 "Investigate why Container Scanning is not working with NFS mounts"). +[issue #10241](https://gitlab.com/gitlab-org/gitlab-ee/issues/10241 "Investigate why Container Scanning is not working with NFS mounts").
\ No newline at end of file |