►
Description
Kevin Chasse, a Technical Account Manager at GitLab, talks about the features to get GitLab's built-in security scanning features working in an offline environment including the recent deprecation of Docker-in-Docker (DinD) use with the scanning tools.
A
Hello,
my
name
is
Kevin
Chauncey
and
I'm,
a
Technical
Account
Manager
here
at
gala
I'm
here
to
talk
to
you
today
about
how
get
labs
security
scanning
features
work
in
offline
environments.
First,
let's
define
what
an
offline
environments
are.
Essentially,
they
are
environments
where
you're
get
live.
Instance
cannot
reach
out
to
all
the
resources
that
it
means
on
the
internet.
A
However,
not
all
installs
of
get
lab
have
that
different
cases
where
this
may
not
be
the
cases
such
as
completely
air-gapped
environments,
where
your
network
or
your
environment
has
no
physical
access
to
the
internet
whatsoever,
but
also
ones
where
there
are
limited
connectivity
may
be
firewall
rules
and
place
or
other
restrictions
put
on
the
network
by
your
organization
that
you,
as
a
gate,
lab
administrator,
don't
have
any
control
over.
Also,
some
intranet
environments
may
also
fall
into
this
category.
A
You
interact
with
vulnerabilities
or
try
to
use
our
Auto
remediation
features
they
may
or
may
not
work
depending
on
the
settings
within
your
individual
network
and
then
at
the
bottom.
We
have
our
specific
scanner,
instructions
that
have
links
directly
to
the
documents
for
each
of
the
five
different
scanners.
A
So
again,
we
have
an
overview
here
on
this
documentation,
page
of
running
in
an
offline
environment.
What
the
requirements
are.
So
in
this
case
you
have
to
have
a
runner
that
can
use
docker
kubernetes
and
you
need
a
local
docker
container
industry
that
has
a
copy
of
our
dasa
container
image,
and
so
there's
links
to
these
here
that
you
can
get
to
and
download
and
then
manually
upload
into
your
local
container
registry.
A
So
here
it
tells
you
exactly
which
docker
container
you
need
to
get
off
of
get
live.com
and
transfer
on
to
your
network,
and
then
it
also
shows
you
how
you
can
modify
your
CI
gamma
file
to
use
our
built-in
template
and
override
the
image
to
instead
of
using
the
one
that
is
on
gitlab
comm.
It
can
use
any
local
path
to
the
name
of
the
image.
A
However,
when
you
do
this,
you
make
making
his
work
in
offline
environments
even
more
difficult,
and
so
one
of
the
things
that
we
did
it
get
lab
was
remove
the
need
or
give
you
a
way
to
not
have
dr.
and
effort
turned
on
well
as
a
13-point.
Oh,
we
now
have
darn
decor
disabled
by
default,
so
before
in
in
the
twelfth
of
X
series,
it
was
enabled
by
default
and
now
is
disabled
by
default.
If
you
need
to
enable
it
there's
instructions
here
and
here
I'm
on
the
get
lab,
30
no
release
blog.