Identify potential blockers for .com support
Overview
This issue aims to identify any potential blockers we may have to enable the pre-receive secret detection feature on .com
. We currently support Dedicated as part of the work done in the MVC, but we want to explore what's beyond that in terms of supporting other types of instances.
Potential Blockers
Below is a list of blockers we want to clarify if needed to unblock support for .com
.
-
Granular (i.e. group/project-level) settings.
For more information and background, please read below.
Granular (i.e. group/project-level) settings
At the moment, toggling the feature on/off is achieved via an instance-level setting.
This was done deliberately because the feature was aimed for Dedicated customers from the get-go, and Dedicated doesn't support feature flags (at the time of writing this). However, this setup will not work well for every customer, and as we plan to make this feature available on self-managed and .com
, we have to make the settings more granular and available per project and/or group.
Doing so will not only increase adoption of the feature, but will also make it possible to integrate the feature with security policies in such a way that a customer could enforce a pre-receive secret detection scan based on their own use cases.