I intend to integrate the container scanning functionality offered by Trivy into my CI \ CD development pipeline. In the release process that I plan to implement, after scanning with Trivy, I would need to:
- block the pipeline in case of critical / high vulnerabilities (can be done through the exit code other than 0)
- If the pipeline is blocked, the ability to bypass the blocking action would be needed if the security team gives its approval based on the artifact generated by the scan.
How can this workflow be integrated into gitlab?
Thanks in advance.