Secrets Detection Job fails for large repositories

Summary

When utilizing GitLab's Secret Detection CI Template in a large repo, the number of refs may exceed the limit allowable by the operating system's exec command.

Example error:

fork/exec /usr/local/bin/gitleaks: argument list too long

Steps to reproduce

  1. Add

     include:
       - template: Security/Secret-Detection.gitlab-ci.yml

     to your CI YAML for a very large repo (hundreds of files) and create a branch that changes many of these files.

  2. In the attached job log, 8000+ refs are output from the git log command on L33 of the template.

Example Project

Customer job linked via confidential collaboration project issue, related to this.

What is the current bug behavior?

Secrets detection fails

What is the expected correct behavior?

Secrets detection should succeed.

Relevant logs and/or screenshots

tbc

Possible fixes

Edited by Jamie Reid
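
The size arithmetic behind the "argument list too long" error, as an added example that is not part of the original issue or of the GitLab template. It assumes Linux with 4 KiB pages and that the commit list reaches the scanner as one comma-joined argument (the issue does not show the exact invocation); all function names are hypothetical and the commit ids are constructed.

```shell
#!/bin/sh
# Added example (not from the template). Function names are hypothetical.
# Assumption: Linux with 4 KiB pages, where one argv string may be at most
# MAX_ARG_STRLEN = 32 pages = 131072 bytes, terminating NUL included.
MAX_ARG_STRLEN=131072

# make_refs N: print N constructed 40-hex-digit commit ids, one per line.
make_refs() {
    i=1
    while [ "$i" -le "$1" ]; do
        printf '%040x\n' "$i"
        i=$((i + 1))
    done
}

# joined_size FILE: bytes the comma-joined list needs as a single argument.
# Each newline becomes a comma and the last one the NUL, so it equals the file size.
joined_size() {
    wc -c < "$1" | tr -d ' '
}

# fits_inline FILE: succeed only if the joined list fits in one argv string.
fits_inline() {
    [ "$(joined_size "$1")" -le "$MAX_ARG_STRLEN" ]
}

# try_exec FILE: really hand the joined list to an external program.
# env forces an execve(); a shell builtin would not hit the kernel limit.
try_exec() {
    env true "$(paste -s -d , "$1")" 2>/dev/null
}

# choose_mode FILE: print how a wrapper should hand the list to the scanner.
choose_mode() {
    if fits_inline "$1"; then echo inline; else echo file; fi
}

# Demo on constructed lists: 100 refs versus the 8000 reported in the job log.
small=$(mktemp) && large=$(mktemp)
make_refs 100 > "$small"
make_refs 8000 > "$large"
for f in "$small" "$large"; do
    n=$(wc -l < "$f" | tr -d ' ')
    if try_exec "$f"; then r=ok; else r=failed; fi
    echo "$n refs: $(joined_size "$f") bytes, mode=$(choose_mode "$f"), exec $r"
done
rm -f "$small" "$large"
```

Under these assumptions about 3196 commit ids fit in one argument, so a list of 8000 has to reach the scanner through a file or standard input rather than the command line.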