Container Scanning Variables
The container scanning section of the GitLab CI/CD pipeline is designed to integrate with AccuKnox to scan Docker images for security vulnerabilities.
The following table lists each input, its description, and its default value:
| Input Value | Description | Default Value |
|---|---|---|
| STAGE | Specifies the pipeline stage. | test |
| DOCKERFILE_CONTEXT | The context of the Dockerfile to use for building the image. | Dockerfile |
| REPOSITORY_NAME | The name of the Docker image repository. | N/A (Required) |
| TAG | The tag for the Docker image. | "$CI_JOB_ID" |
| SEVERITY | Allows selection of severity level for the scan. Options include UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL. | UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL |
| INPUT_SOFT_FAIL | Do not return an error code if there are failed checks. | true |
| ACCUKNOX_TOKEN | The token for authenticating with the CSPM panel. | N/A (Required) |
| ACCUKNOX_TENANT | The ID of the tenant associated with the CSPM panel. | N/A (Required) |
| ACCUKNOX_ENDPOINT | The URL of the CSPM panel to push the scan results to. | cspm.demo.accuknox.com |
| ACCUKNOX_LABEL | The label created in AccuKnox SaaS for associating scan results. | N/A (Required) |
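
A pre-flight check for the inputs in the table above, as an added example that is not part of the AccuKnox template. The function names `valid_severity_list` and `validate_scan_inputs` are hypothetical, and the script assumes the inputs reach the job as environment variables of the same names.

```shell
#!/bin/sh
# Added example: validate the container-scan inputs before the scan step runs.
# Both function names are hypothetical helpers, not part of the AccuKnox template.
# Assumption: each input is available as an environment variable of the same name.

# Succeeds only if every comma-separated entry of $1 is an allowed severity.
# Runs in a subshell so the IFS and noglob changes do not leak to the caller.
valid_severity_list() (
    [ -n "$1" ] || exit 1
    IFS=','
    set -f
    for sev in $1; do
        case "$sev" in
            UNKNOWN|LOW|MEDIUM|HIGH|CRITICAL) ;;
            *) exit 1 ;;
        esac
    done
    exit 0
)

# Prints one line per problem and returns the number of errors (0 = ready).
# Only variable names are printed, never values, so the token stays out of logs.
validate_scan_inputs() {
    problems=0
    for name in REPOSITORY_NAME ACCUKNOX_TOKEN ACCUKNOX_TENANT ACCUKNOX_LABEL; do
        eval "value=\${$name:-}"
        if [ -z "$value" ]; then
            echo "ERROR: required input $name is not set"
            problems=$((problems + 1))
        fi
    done
    if ! valid_severity_list "${SEVERITY:-UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL}"; then
        echo "ERROR: SEVERITY has a value outside UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
        problems=$((problems + 1))
    fi
    # The default is true: failed checks are reported but the job still exits 0.
    if [ "${INPUT_SOFT_FAIL:-true}" = "true" ]; then
        echo "WARN: INPUT_SOFT_FAIL=true, failed checks will not fail the pipeline"
    fi
    return "$problems"
}

# In the job script, before the scan: validate_scan_inputs || exit 1
```

With `INPUT_SOFT_FAIL` left at its default, the check only warns; set the input to `false` if failed checks should stop the pipeline.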