- name: "Secure and Protect analyzer images published in new location"
  announcement_milestone: "14.8"
  announcement_date: "2022-02-22"
  removal_milestone: "15.0"
  removal_date: "2022-05-22"
  breaking_change: true
  reporter: connorgilbert
  body: |  # Do not modify this line, instead modify the lines below.
    GitLab uses various [analyzers](https://docs.gitlab.com/ee/user/application_security/terminology/#analyzer) to [scan for security vulnerabilities](https://docs.gitlab.com/ee/user/application_security/).
    Each analyzer is distributed as a container image.

    Starting in GitLab 14.8, new versions of GitLab Secure and Protect analyzers are published to a new registry location under `registry.gitlab.com/security-products`.

    We will update the default value of [GitLab-managed CI/CD templates](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates/Security) to reflect this change:
      
    - For all analyzers except Container Scanning, we will update the variable `SECURE_ANALYZERS_PREFIX` to the new image registry location.
    - For Container Scanning, the default image address is already updated. There is no `SECURE_ANALYZERS_PREFIX` variable for Container Scanning.

    In a future release, we will stop publishing images to `registry.gitlab.com/gitlab-org/security-products/analyzers`.
    Once this happens, you must take action if you manually pull images and push them into a separate registry. This is commonly the case for [offline deployments](https://docs.gitlab.com/ee/user/application_security/offline_deployments/index.html).
    Otherwise, you won't receive further updates.

    See the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/352564) for more details.
# The following items are not published on the docs page, but may be used in the future.
  stage: Secure
  tiers: [Free, Silver, Gold, Core, Premium, Ultimate]
  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/352564