diff options
author | Stan Hu <stanhu@gmail.com> | 2019-08-07 22:05:57 +0300 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2019-08-07 22:05:57 +0300 |
commit | 4035e1391d65d70228426012618e7c4188c55e18 (patch) | |
tree | 2021b54ddeb4bcc33f02af81cb80bd3aac5f2daf | |
parent | ab498bd4f95b4f6bc9d2b235fadb7057f0ed13f8 (diff) | |
parent | e5a830bac1e129d7492bc89222bd2bee0d89734a (diff) |
Merge branch 'clair-checksum' into 'master'
Checksum clair executable
See merge request gitlab-org/gitlab-ce!31423
-rw-r--r-- | lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml index c963d6ed1c4..2afc99d0bf8 100644 --- a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml @@ -25,6 +25,7 @@ container_scanning: # https://hub.docker.com/r/arminc/clair-local-scan/tags CLAIR_LOCAL_SCAN_VERSION: v2.0.8_0ed98e9ead65a51ba53f7cc53fa5e80c92169207 CLAIR_EXECUTABLE_VERSION: v12 + CLAIR_EXECUTABLE_SHA: 44f2a3fdd7b0d102c98510e7586f6956edc89ab72c6943980f92f4979f7f4081 ## Disable the proxy for clair-local-scan, otherwise Container Scanning will ## fail when a proxy is used. NO_PROXY: ${DOCKER_SERVICE},localhost @@ -44,6 +45,7 @@ container_scanning: - apk add -U wget ca-certificates - docker pull ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG} - wget https://github.com/arminc/clair-scanner/releases/download/${CLAIR_EXECUTABLE_VERSION}/clair-scanner_linux_amd64 + - echo "${CLAIR_EXECUTABLE_SHA} clair-scanner_linux_amd64" | sha256sum -c - mv clair-scanner_linux_amd64 clair-scanner - chmod +x clair-scanner - touch clair-whitelist.yml |