Skip to content
Snippets Groups Projects
Commit 4ac078c7 authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

Merge branch '99-limit-security-reports-access-to-developer-role-and-above' into 'master'

Resolve "Limit security reports access to developer role and above"

Closes #99

See merge request to-be-continuous/docker!132
parents 421473a3 29a3173e
No related branches found
No related tags found
No related merge requests found
...@@ -296,7 +296,7 @@ FROM ubuntu ...@@ -296,7 +296,7 @@ FROM ubuntu
RUN cd /tmp && echo "hello!" RUN cd /tmp && echo "hello!"
``` ```
In addition to a textual report in the console, this job produces the following reports, kept for one day: In addition to a textual report in the console, this job produces the following reports, kept for one day and only available for download by users with the Developer role or higher:
| Report | Format | Usage | | Report | Format | Usage |
| -------------------------------------------- | ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | -------------------------------------------- | ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
...@@ -434,7 +434,7 @@ It is bound to the `package-test` stage, and uses the following variables: ...@@ -434,7 +434,7 @@ It is bound to the `package-test` stage, and uses the following variables:
| `trivy-db-repository` / `DOCKER_TRIVY_DB_REPOSITORY` | OCI repository to retrieve Trivy Database from | _none_ (use Trivy default `ghcr.io/aquasecurity/trivy-db`) | | `trivy-db-repository` / `DOCKER_TRIVY_DB_REPOSITORY` | OCI repository to retrieve Trivy Database from | _none_ (use Trivy default `ghcr.io/aquasecurity/trivy-db`) |
| `trivy-java-db-repository` / `DOCKER_TRIVY_JAVA_DB_REPOSITORY` | OCI repository to retrieve Trivy Java Database from | _none_ (use Trivy default `ghcr.io/aquasecurity/trivy-java-db:1`)\_ | | `trivy-java-db-repository` / `DOCKER_TRIVY_JAVA_DB_REPOSITORY` | OCI repository to retrieve Trivy Java Database from | _none_ (use Trivy default `ghcr.io/aquasecurity/trivy-java-db:1`)\_ |
In addition to a textual report in the console, this job produces the following reports, kept for one day: In addition to a textual report in the console, this job produces the following reports, kept for one day and only available for download by users with the Developer role or higher:
| Report | Format | Usage | | Report | Format | Usage |
| ------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | ------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
......
...@@ -786,6 +786,7 @@ docker-hadolint: ...@@ -786,6 +786,7 @@ docker-hadolint:
artifacts: artifacts:
name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG" name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
expire_in: 1 day expire_in: 1 day
access: developer
when: always when: always
reports: reports:
codequality: codequality:
...@@ -1018,6 +1019,7 @@ docker-trivy: ...@@ -1018,6 +1019,7 @@ docker-trivy:
artifacts: artifacts:
name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG" name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
expire_in: 1 day expire_in: 1 day
access: developer
when: always when: always
paths: paths:
- "reports/docker-trivy-*" - "reports/docker-trivy-*"
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment