►
From YouTube: How to use the SECURE_ANALYZERS_PREFIX variable
Description
Philippe Lafoucrière, Distinguished Engineer in Secure & Defend, demonstrates how to load Docker images onto an offline GitLab instance.
A
I
am
feel
perfectly
and
is
the
new
engineer
in
the
secure,
indifferent
stated
gitlab
and
today
we're
going
to
talk
about
loading,
better
images
into
your
offline
post
when
we're
saying
of
windows
were
referring
to
github
instances
that
are
completely
gapped
from
the
network
and
they
don't
have
any
access
to
the
internet.
The
problem
comes
from
the
security
features
of
key
cloud,
where
we
need
darker
images
to
be
able
to
run
required,
Nasser's
for
sass
and
dependency
scanning,
and
so
on
is
the
risers
are
not
shipping
with
it.
A
A
On
me,
so
that's
only
this
project
would
be
able
to
download
these
images
and
store
that
look
later
on
we're
going
to
talk
about
the
secure
and
the
license
prefix,
which
is
a
way
to
tell
your
github
instance
were
to
find
the
darker
images
for
all
the
security
features
to
demonstrate.
The
first
part
of
the
templates
that
been
mentioning
I'm
going
to
use
this
secure
bundle
project
that
I
created
in
github.com,
but
the
same
would
go
for
any
self
hosted
instance.
The
name
of
the
project
doesn't
really
matter.
A
What
really
matters
is
to
create
the
CI
configuration
file.
You
get
that
github
Darcy
is
dodgy
our
configuration
file
using
this
secure
binary.
Stop
it
once
I.
Add
this
file
with
this
content
to
the
repository
a
pipeline
is
going
to
be
trigger
and
that
pipeline
is
going
to
download
all
the
required
analyzers
from
the
registry
that
github.com
website
and
it's
going
to
store
this
image
so
that,
if
I
go
to
the
container
registry
of
that
project,
that
we
have
all
the
images
and
the
ready
to
be
used
by
any
project
of
that
instance.
A
But
before
being
able
to
use
these
images
directly,
I
need
to
set
up
a
variable
in
the
project
or
even
better
in
a
group.
So
to
do
that
in
a
group.
I
will
go
to
the
settings
of
that
project.
The
CI
CD
settings
and
I'm
going
to
add
a
new
variable,
so
the
same
would
go
for
a
group
I'm
doing
that
at
the
project
level
here,
but
I
can
do
that
as
the
product.
The
group
level,
as
well
I'm,
going
to
add
a
variable
named
security,
analyzer
prefix
with
the
value
of
my
new
location.
A
Please
be
sure
to
not
use
a
trailing
slash
here.
It's
going
to
break
the
job
definition
so
I'm
using
registry
that
github.com
in
this
example,
but
you
can
use
any
kind
of
hose
on
it-
should
be
your
self
hosted
instance
here,
but
I'm
using
this
new
equation,
which
is
secure,
bender
project
that
I
just
created
and
word
all
the
images
are
done
within
the
prison.
A
I,
don't
want
to
protect
this
variable
because
I
want
this
variable
to
be
using
all
the
branches
and
for
every
single
commit
that
I'm
going
to
push
to
github
so
that
I
can
run
South
dependencies,
Kennecott
are
scanning
and
so
on
so
I'm
just
added
this
variable.
Let's
take
a
look
at
the
pipelines
of
this
project.
The
previous
pipeline
that
was
created
was
running
gymnasium,
dependency
scanning
and
retired.
She
has
dependencies
can
if
I
take
a
look
at
these
jobs.
I
will
see
that
it's
using
registry
that
keep
that
but
comes.
Let's
keep
that
hold.
A
Is
it
recession
risers?
So
that's
the
default
location
of
the
genders,
a
memorizer
for
the
to
tag
I'm
going
to
trigger
a
new
pipeline
that
will
use
this
new
variable
that
I
just
created,
so
I
can
run
this
pipeline
for
master.
You
see
that
I'm
not
touching
anything
and
lots
of
dating
the
CI
configuration
in
any
way
and
I'm
going
to
run
this
pipe
run
right
away.
If
I
take
a
different
user.
A
Look
at
this
job
we're
going
to
see
that
it's
using
directly
the
new,
secure,
abandoned
location
without
any
change
again
to
the
CI
configuration
or
anything
so
I
could
just
set
up
the
driver
at
the
group
level,
and
all
the
projects
will
benefit
from
this
new
location
instantly
without
updating
or
these
projects,
one
by
one.
We
can
see
that
the
execution
is
going
normally
like
it
should
be
the
the
regular
and
the
default
location
on
which
it's
me
that
kidnapped
come.