Allow masking secrets for base component (!1359) · Merge requests · GitLab.org / GitLab QA

Jay McCure requested to merge jmc-hide-aigw-keys into master Aug 13, 2024

What does this MR do and why?

Moves secrets to base component so other components can utilise mask_secrets when doing docker#run. Additionally hides the two test signing keys used by the AiGateway component. Although these keys are safe to be shared, they have caused confusion (SIRT incident raised) when they were detected in the logs.

How to set up and validate

GitLab test MR using this branch -> gitlab!162801 (closed)

Keys not being printed to logs: https://gitlab.com/gitlab-org/gitlab/-/jobs/7588730343#L362 (AIGW_SELF_SIGNED_JWT__VALIDATION_KEY and AIGW_SELF_SIGNED_JWT__SIGNING_KEY)

Regression checks: GITLAB_QA_USER_AGENT \ QA_EE_ACTIVATION_CODE: https://gitlab.com/gitlab-org/gitlab/-/jobs/7588730343#L379 / https://gitlab.com/gitlab-org/gitlab/-/jobs/7588730295#L375

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Commits include Changelog: trailer
I have evaluated the MR acceptance checklist for this MR.

Edited Aug 15, 2024 by Jay McCure

Allow masking secrets for base component

What does this MR do and why?

How to set up and validate

MR acceptance checklist

Merge request reports