ci: add secret detection

Philippe Lafoucrière requested to merge add_secret_detection into main

Description

Add secret detection to the pipeline.

The job has been made compatible with the Merge Request pipelines workflow used in this project, which is not configured correctly btw:

The pipeline should run either for Merge Requests or Branches, but not both. This leads to having 2 pipelines running for every merge request, and security scanners not reporting their findings in the MR. Another MR must be created to fix it; this is beyond the scope of this one.

Related Issue

Resolves https://gitlab.com/gitlab-com/gl-security/engineering-and-research/inventory/-/issues/725

How Has This Been Tested?

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation
  • Chore (Related to CI or Packaging to platforms)
Edited by Tomas Vik
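
The duplicate-pipeline problem described above, as an added example that is not part of this merge request or the project's actual configuration: a `.gitlab-ci.yml` sketch that runs one pipeline per change and lets the secret detection job run in merge request pipelines. It assumes the GitLab-maintained `Jobs/Secret-Detection.gitlab-ci.yml` template and its `secret_detection` job; the rules this project really uses are not shown on the page.

```yaml
# Added example (assumed layout, not the project's real .gitlab-ci.yml).

include:
  # GitLab-maintained template that defines the `secret_detection` job.
  - template: Jobs/Secret-Detection.gitlab-ci.yml

# Pipeline-level rules: create a merge request pipeline OR a branch
# pipeline for a given push, never both.
workflow:
  rules:
    # A merge request exists and triggered this run: use the MR pipeline,
    # so scanner findings are attached to the MR.
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    # Branch push while an MR is open for that branch: skip, the MR
    # pipeline above already covers it.
    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS
      when: never
    # Branch push with no open MR (including the default branch).
    - if: $CI_COMMIT_BRANCH

# Job-level rules: the template's default rules target branch pipelines,
# so the job is overridden to also run on merge request events.
secret_detection:
  rules:
    # Overriding `rules` replaces the template's rules entirely, so the
    # template's opt-out variable has to be honoured again here.
    - if: $SECRET_DETECTION_DISABLED == "true"
      when: never
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    - if: $CI_COMMIT_BRANCH
```

With only the job-level override and no `workflow:rules`, both a branch pipeline and a merge request pipeline are created for each push to a branch with an open MR, which is the behaviour the description reports.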
