author: GitLab Bot <gitlab-bot@gitlab.com> 2019-09-18 14:14:39 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2019-09-18 14:14:39 +0000
commit: 1eb82b65c554f21d83447f895a6208905fabe112 (patch)
tree: ab12f01b3dc46f11c02afea1e470a78f06ca70c2 /doc/user/application_security
parent: 4ab54c2233e91f60a80e5b6fa2181e6899fdcc3e (diff)
download: gitlab-ce-stable-branch-foss-test.tar.gz
Add latest changes from gitlab-org/gitlab@12-3-auto-deploy-20190916 (stable-branch-foss-test)
Diffstat (limited to 'doc/user/application_security')
-rw-r--r-- doc/user/application_security/container_scanning/index.md | 35
-rw-r--r-- doc/user/application_security/dependency_scanning/index.md | 2
2 files changed, 8 insertions, 29 deletions
diff --git a/doc/user/application_security/container_scanning/index.md b/doc/user/application_security/container_scanning/index.md
index 7c24edb8558..c3f80c6a0fd 100644
--- a/doc/user/application_security/container_scanning/index.md
+++ b/doc/user/application_security/container_scanning/index.md
@@ -11,7 +11,7 @@ in [GitLab Ultimate](https://about.gitlab.com/pricing/) 10.4.
If you are using [GitLab CI/CD](../../../ci/README.md), you can check your Docker
images (or more precisely the containers) for known vulnerabilities by using
-[Clair](https://github.com/coreos/clair) and [klar](https://github.com/optiopay/klar),
+[Clair](https://github.com/coreos/clair) and [clair-scanner](https://github.com/arminc/clair-scanner),
two open source tools for Vulnerability Static Analysis for containers.
You can take advantage of Container Scanning by either [including the CI job](#configuration) in
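Review bot: the hunk swaps the tool name and link from klar to clair-scanner but says nothing about the backend change itself, so a reader with an existing pipeline has no signal that the scanner behind the `container_scanning` job is now a different project; suggest adding a one-line note (or a changelog reference) next to `+[Clair](https://github.com/coreos/clair) and [clair-scanner](https://github.com/arminc/clair-scanner),` stating that the analyzer switched from klar to clair-scanner in this release.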
@@ -48,7 +48,7 @@ To enable Container Scanning in your pipeline, you need:
running. If you're using the shared Runners on GitLab.com, this is already
the case.
- To [build and push](../../../ci/docker/using_docker_build.md#container-registry-examples)
- your Docker image to your project's [Container Registry](../../packages/container_registry/index.md).
+ your Docker image to your project's [Container Registry](../../project/container_registry.md).
The name of the Docker image should match the following scheme:
```text
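Review bot: the Container Registry link moves from `../../packages/container_registry/index.md` to `../../project/container_registry.md` here and again in the next hunk; confirm that `doc/user/project/container_registry.md` actually exists on the target branch, since a relative link to a missing file will fail the docs link check and the two hunks must point at the same file.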
@@ -79,7 +79,7 @@ The included template will:
1. Create a `container_scanning` job in your CI/CD pipeline.
1. Pull the already built Docker image from your project's
- [Container Registry](../../packages/container_registry/index.md) (see [requirements](#requirements))
+ [Container Registry](../../project/container_registry.md) (see [requirements](#requirements))
and scan it for possible vulnerabilities.
The results will be saved as a
@@ -90,6 +90,10 @@ artifact available. Behind the scenes, the
[GitLab Container Scanning analyzer](https://gitlab.com/gitlab-org/security-products/container-scanning)
is used and runs the scans.
+If you want to whitelist some specific vulnerabilities, you can do so by defining
+them in a YAML file named `clair-whitelist.yml`. Read more in the
+[Clair documentation](https://github.com/arminc/clair-scanner/blob/master/README.md#example-whitelist-yaml-file).
+
## Example
The following is a sample `.gitlab-ci.yml` that will build your Docker Image, push it to the container registry and run Container Scanning.
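Review bot: the link text reads "Clair documentation" but the URL is the arminc/clair-scanner README, a separate project from coreos/clair; rename it to "clair-scanner documentation". The new paragraph also drops the `GIT_STRATEGY: fetch` step that the removed whitelisting section below required so that `clair-whitelist.yml` is present in the job's working directory; if that override is still needed for the file to be picked up, state it here, and if it is no longer needed, say so explicitly so readers who followed the old section know they can drop it.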
@@ -120,31 +124,6 @@ build:
- docker push $IMAGE
```
-## Vulnerability Whitelisting
-
-If you want to whitelist specific vulnerabilities, you'll need to:
-
- 1. Set `GIT_STRATEGY: fetch` in your `.gitlab-ci.yml` file by following the instructions described in the
- [overriding the Container Scanning template](#overriding-the-container-scanning-template) section of this document.
- 1. Define the whitelisted vulnerabilities in a YAML file named `clair-whitelist.yml` which must use the format described
- in the [following whitelist example file](https://github.com/arminc/clair-scanner/blob/v12/example-whitelist.yaml).
- 1. Add the `clair-whitelist.yml` file to the git repository of your project
-
-### Overriding the Container Scanning template
-
-If you want to override the job definition (for example, change properties like
-`variables`), you need to declare a `container_scanning` job after the
-template inclusion and specify any additional keys under it. For example:
-
-```yaml
-include:
- - template: Container-Scanning.gitlab-ci.yml
-
-container_scanning:
- variables:
- GIT_STRATEGY: fetch
-```
-
## Security Dashboard
The Security Dashboard is a good place to get an overview of all the security
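Review bot: deleting `### Overriding the Container Scanning template` removes the only instructions on how to override the `container_scanning` job (declaring it after the `include:` and adding keys such as `variables`), which users need independently of whitelisting; suggest keeping that subsection, or folding the `include:` / `container_scanning:` / `variables:` example into the main configuration section, and removing only the whitelisting steps that the new paragraph in the previous hunk replaces.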
diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md
index 5baaa92d3d8..166a71b6fbe 100644
--- a/doc/user/application_security/dependency_scanning/index.md
+++ b/doc/user/application_security/dependency_scanning/index.md
@@ -58,7 +58,7 @@ The following languages and dependency managers are supported.
| JavaScript ([npm](https://www.npmjs.com/), [yarn](https://yarnpkg.com/en/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium), [Retire.js](https://retirejs.github.io/retire.js) |
| Go ([Golang](https://golang.org/)) | not currently ([issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/7132 "Dependency Scanning for Go")) | not available |
| PHP ([Composer](https://getcomposer.org/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
-| Python ([pip](https://pip.pypa.io/en/stable/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
+| Python ([pip](https://pip.pypa.io/en/stable/)) (only `requirements.txt` supported) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
| Python ([Pipfile](https://docs.pipenv.org/en/latest/basics/)) | not currently ([issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/11756 "Pipfile.lock support for Dependency Scanning"))| not available |
| Python ([poetry](https://poetry.eustace.io/)) | not currently ([issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/7006 "Support Poetry in Dependency Scanning")) | not available |
| Ruby ([gem](https://rubygems.org/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium), [bundler-audit](https://github.com/rubysec/bundler-audit) |
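Review bot: the added qualifier yields two back-to-back parentheticals in the Python row, "([pip](...)) (only `requirements.txt` supported)"; fold them into one, for example "Python ([pip](https://pip.pypa.io/en/stable/), `requirements.txt` only)", which also keeps the row consistent with the Pipfile and poetry rows that follow. While touching this table, the Pipfile row is missing a space before its final cell separator ("))| not available").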