diff options
author | Achilleas Pipinellis <axil@gitlab.com> | 2019-08-26 19:31:07 +0000 |
---|---|---|
committer | Achilleas Pipinellis <axil@gitlab.com> | 2019-08-26 19:31:07 +0000 |
commit | 8c5f583abfb21fb826a2fe34060f9d6f22e88b8d (patch) | |
tree | f273d8e184866efe82869e347704f3bf81cf83e1 | |
parent | 840540e33b335bee01d79521a674b8710d89d265 (diff) | |
parent | 317586379ab1afc9e6505b61d4d364caf7a48db8 (diff) | |
download | gitlab-ce-8c5f583abfb21fb826a2fe34060f9d6f22e88b8d.tar.gz |
Merge branch 'doc-sethgitlab-csupdate' into 'master'
Added sample to container scanning
See merge request gitlab-org/gitlab-ce!32166
-rw-r--r-- | doc/user/application_security/container_scanning/index.md | 32 |
1 files changed, 31 insertions, 1 deletions
diff --git a/doc/user/application_security/container_scanning/index.md b/doc/user/application_security/container_scanning/index.md index 86491c7d74e..7b631a5a1cd 100644 --- a/doc/user/application_security/container_scanning/index.md +++ b/doc/user/application_security/container_scanning/index.md @@ -94,6 +94,36 @@ If you want to whitelist some specific vulnerabilities, you can do so by definin them in a YAML file named `clair-whitelist.yml`. Read more in the [Clair documentation](https://github.com/arminc/clair-scanner/blob/master/README.md#example-whitelist-yaml-file). +## Example + +The following is a sample `.gitlab-ci.yml` that will build your Docker Image, push it to the container registry and run Container Scanning. + +```yaml +variables: + DOCKER_DRIVER: overlay2 + +services: + - docker:stable-dind + +stages: + - build + - test + +include: + - template: Container-Scanning.gitlab-ci.yml + +build: + image: docker:stable + stage: build + variables: + IMAGE: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA + script: + - docker info + - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY + - docker build -t $IMAGE . + - docker push $IMAGE +``` + ## Security Dashboard The Security Dashboard is a good place to get an overview of all the security @@ -125,4 +155,4 @@ docker: Error response from daemon: failed to copy xattrs: failed to set xattr " This is a result of a bug in Docker which is now [fixed](https://github.com/containerd/continuity/pull/138 "fs: add WithAllowXAttrErrors CopyOpt"). To prevent the error, ensure the Docker version that the Runner is using is `18.09.03` or higher. For more information, see -[issue #10241](https://gitlab.com/gitlab-org/gitlab-ee/issues/10241 "Investigate why Container Scanning is not working with NFS mounts"). +[issue #10241](https://gitlab.com/gitlab-org/gitlab-ee/issues/10241 "Investigate why Container Scanning is not working with NFS mounts").
\ No newline at end of file |