Gitlab docker image scanning: very poor options and workflow

Hi everyone

Am I the only one who finds the image scan workflow in GitLab very poor?

I noticed that it is very simple: we can scan an image in the pipeline just by including a template in the CI file ("template: Security/Container-Scanning.gitlab-ci.yml"), but the image must already be pushed to the registry before the scan is done (there is no way to run the scan before pushing it and decide, depending on the vulnerabilities found, whether to push it or not). Also, there are not many options to control and use the scan results, for example to make the pipeline fail if vulnerabilities of a certain level are found.

What is your experience using it? Any workaround to get more features, like GitHub?

Regards
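One way to get the severity gate the post asks for, as an added example that is not part of the original post or of GitLab's template: a small script run in a later job, after the scanning job's `gl-container-scanning-report.json` artifact is available and before any final `docker push`, that exits non-zero when a finding is at or above a chosen severity. The report field names (`vulnerabilities`, `severity`, `location.dependency.package.name`) and the severity labels are assumptions about the GitLab report schema; the sample report is constructed.

```python
import json
import sys

# Severity ranking (assumption: labels as used in GitLab security reports;
# anything unrecognised is treated as Unknown, the lowest rank).
SEVERITY_RANK = {"Unknown": 0, "Info": 1, "Low": 2, "Medium": 3, "High": 4, "Critical": 5}


def findings_at_or_above(report: dict, threshold: str) -> list:
    """Return the vulnerabilities whose severity is at least `threshold`."""
    minimum = SEVERITY_RANK[threshold]
    return [
        v for v in report.get("vulnerabilities", [])
        if SEVERITY_RANK.get(v.get("severity", "Unknown"), 0) >= minimum
    ]


def gate(report: dict, threshold: str = "High") -> int:
    """Exit status for the CI job: 0 lets the push proceed, 1 blocks it."""
    hits = findings_at_or_above(report, threshold)
    for v in hits:
        # Package path is an assumption about the report layout.
        pkg = v.get("location", {}).get("dependency", {}).get("package", {}).get("name", "?")
        print(f"[{v.get('severity')}] {v.get('name')} in package {pkg}")
    return 1 if hits else 0


# Constructed sample with the shape of gl-container-scanning-report.json.
SAMPLE_REPORT = {
    "vulnerabilities": [
        {"name": "example TLS library issue", "severity": "Critical",
         "location": {"dependency": {"package": {"name": "libssl1.1"}}}},
        {"name": "example HTTP client issue", "severity": "Medium",
         "location": {"dependency": {"package": {"name": "curl"}}}},
    ]
}

if __name__ == "__main__":
    # Usage: python gate.py gl-container-scanning-report.json High
    path = sys.argv[1] if len(sys.argv) > 1 else None
    threshold = sys.argv[2] if len(sys.argv) > 2 else "High"
    if path:
        with open(path) as fh:
            report = json.load(fh)
    else:
        report = SAMPLE_REPORT
    sys.exit(gate(report, threshold))
```

In the pipeline the scanning job would still need to run against a pushed candidate tag (for example a commit-SHA tag), with the promotion to the release tag done only in the job that runs this gate.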
