From 902eb8cd8e3ddc1b04f79912ec63b19760098d82 Mon Sep 17 00:00:00 2001
From: dakkar <dakkar@thenautilus.net>
Date: Sat, 3 Jan 2026 20:05:18 +0000
Subject: use more of latest gitlab configuration

---
 .gitlab/ci_templates/container_scanning.yml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 .gitlab/ci_templates/container_scanning.yml

(limited to '.gitlab/ci_templates/container_scanning.yml')

diff --git a/.gitlab/ci_templates/container_scanning.yml b/.gitlab/ci_templates/container_scanning.yml
new file mode 100644
index 0000000000..19231ba4dc
--- /dev/null
+++ b/.gitlab/ci_templates/container_scanning.yml
@@ -0,0 +1,20 @@
+# https://docs.gitlab.com/user/application_security/sast/
+include:
+  - template: Jobs/Container-Scanning.latest.gitlab-ci.yml
+
+# https://docs.gitlab.com/user/application_security/container_scanning/#scanning-archives-built-in-a-previous-job
+# https://docs.gitlab.com/user/application_security/detect/security_configuration/#error-chosen-stage-test-does-not-exist
+container_scanning:
+  stage: deploy
+
+  # SAST tools only support x64
+  tags:
+    - amd64
+
+  variables:
+    AST_ENABLE_MR_PIPELINES: 'false'
+    CS_IMAGE: "${CI_REGISTRY_IMAGE}:${REGISTRY_PUSH_TAG}"
+
+  needs:
+    - job: merge_image_manifests
+      artifacts: true
-- 
cgit v1.2.3-freya