Design: Secret Detection Exclusions - Vision

Background

This issue tracks work to create designs for a secret detection allowlist that will live within GitLab's UI. The allowlist enables customers to ignore patterns that they believe generate false positives. Must-have features are outlined in the parent epic.

Proposal

Design assets

Summary of proposed changes

Introduce Secret Detection Allowlist UI:

  • New UI Pages: Develop dedicated pages for managing secret detection allowlists at both the project and group levels.
  • Revise workflow for accessing scanner configuration: Establish a new design pattern for accessing security tool configuration parameters in the UI.

Support Cascading Configuration:

  • Group-Level Cascading: Implement cascading configuration settings from the group level to streamline and simplify security management across multiple projects.

Note: The group-level allowlist depends on the introduction of a group-level security configuration page. Work for that is being tracked in Design: Security Configuration UI Vision (#454344 - closed).

Edited by Michael Fangman