[MR Button] Enabling Secret Detection in the UI

Problem to solve

Currently, Secret Detection can only be enabled outside of the Security & Compliance area (through files, while referencing the docs for instructions). Building on the configuration UI work we've done for SAST, we want to do the same for Secret Detection. This includes enabling Secret Detection from the UI; later, in a separate issue, we'll explore offering a configuration UI.

Intended users

User experience goal

  • User can easily enable Secret Detection from within the UI (without instructions in the docs)

Proposal

  • Add "Enable via Merge Request" button to Security & Compliance > Configuration page for Secret Detection
  • Button goes to an MR which shows the addition of the Secret Detection yml file to the project
  • After a successful pipeline run, the status of Secret Detection on the Configuration page changes from Not enabled to Enabled and the button is no longer there

[Mockups: before enabling Secret Detection; after the Secret Detection template has been successfully added]

Documentation

What does success look like, and how can we measure that?

JTBD

  • When I'm enabling Secret Detection, I want the ability to do so from within the UI so that I don't have to read a lot of documentation and go through several tedious steps to get it set up.

Links / references

Spreadsheet with breakdown of variables

SAST & Secrets: Competitive Analysis (Mural)

Example of Secret Detection yml file (default state)

Example of SAST yml file (default state)

Secret Detection docs

Edited by Taylor McCaslin