Follow-up from "Secrets push check uses project level settings"
The following discussions from !150760 (merged) should be addressed:
-
@ahmed.hemdan started a discussion: question (non-blocking): Is there any benefit from checking these cases? I mean, if the project setting is disabled we will skip the check anyways, no?
-
@ahmed.hemdan started a discussion: suggestion (non-blocking): Shall we move this context under the one in line 126 and update it so that we have the following structure?
- when application setting is disabled
- when application setting is enabled
- when project setting is enabled
- when project setting is disabled
Also address this feedback:
question: would it be more explicit to
expect
that we never call::Gitlab::SecretDetection::Scan#secrets_scan
? It looks like there are other ways for the method to returnnil
and we're explicitly hoping it doesn't run the scan.
Edited by rossfuhrman