Consider including blob metadata in responses of ListAllBlobs and ListBlobs RPCs
Overview
As part of the work on pre-receive secret detection in the experimental phase (&11587 (closed)), it is necessary to display a set of blob metadata to the user when a secret is detected:
- Commit SHA/ID
- File path
- Line number
And seeing as both responses of ListAllBlobs
and ListBlobs
RPCs does not return some or all of them, this issue aims to explore the different options to ensure such metadata is available when fetching blobs in the monolith during a push check.
Options
Here are the options that needs to be considered:
- Update one or both of the existing RPCs response to make sure the metadata is available.
- Introduce a new RPC to list blobs and their metadata: as in, something like
ListAllBlobs
but includes metadata in the response. - Use a different set of RPCs to fetch blobs and their metadata: perhaps another RPC already exist that we can use?
Given that groupstatic analysis haven't worked that often with gitaly
, it is unclear to us at the moment which option makes the most sense, and some guidance here would be very helpful.