17.11 Planning Issue - Secret Detection

🔒 Secure, Secret Detection - Milestone Planning

This is a planning issue for Category:Secret Detection which is maintained by groupsecret detection.

^{See the group handbook page for more about this issue and how it fits into group workflows.}

Milestone Key Dates

• Start Date: 2025-03-15
• Code Freeze: 2025-04-11
• Release Date: 2025-04-17

Narrative

Secret Detection in Job Artifacts

In %17.11 we will have a technical plan in place and issues created for [Experiment] - Detect secrets in job artifacts (&16693). We will also be kicking off development work for the experiment this milestone.

We are wrapping up UX Research: Understand secrets leaked outside ... (ux-research#3371 - closed) • Alana Bellucci, Erika Feldman+ • 17.10 and will be working on the finalized design, vision, and user workflows for GA.

• Epic

Validity Checks for SD findings

All engineering work for the experiment iteration will be wrapped up or in review. This gives us the entire 18.0 milestone to finalize, test and address any bugs or issues that come up.

We will use %17.11 to refine the beta, have a technical plan in place and create issues.

• Epic

Transition SDS from Passive to Active Mode

In %17.11 we will finalize the beta production readiness review. In addition to this, we'll work on initiatives that will increase the flow of traffic to the SDS. This will help us gather enough data and confidence to make the switch to Active mode in an upcoming milestone.

• Epic

Enable SPP for all GitLab-owned projects

In %17.11 all three phases (low, medium, and high traffic projects) will have been rolled out successfully. At the end of the milestone secret push protection will be enabled for all GitLab owned projects!

• Epic

Enable Secret Push Protection on all Public Projects

In this milestone, we'll define a technical proposal, have the work broken down into issues, and a rollout strategy identified for the different tiers and project visibility. We will also kick off implementation efforts in this milestone.

• Epic

Priorities

Key items to deliver

This section lists items that should be ready to deliver (or at least to move forward). Many of these items should be defined as ~Deliverable items, assuming they are feasible to deliver in the milestone.

typefeature

---
display: table
fields: title, assignee, labels("workflow::*"), labels("Deliverable"),state, milestone
---
label = "group::secret detection" AND label = "type::feature" AND milestone = "17.11" AND assignee!="abellucci" AND assignee != "phillipwells" AND label != "workflow::planning breakdown" AND label != "workflow::refinement" AND label != "workflow::problem validation"

typemaintenance

---
display: table
fields: title, assignee, labels("workflow::*"), labels("Deliverable"), state, milestone
---
label = "group::secret detection" AND label = "type::maintenance" AND milestone = "17.11" AND assignee!="abellucci" AND assignee != "phillipwells" AND label != "workflow::planning breakdown" AND label != "workflow::refinement" AND label != "workflow::problem validation"

typebug

---
display: table
fields: title, assignee, labels("priority::*"), labels("severity::*"), labels("workflow::*"), labels("Deliverable"), state, milestone
---
label = "group::secret detection" AND label = "type::bug" AND milestone = "17.11" AND assignee!="abellucci" AND assignee != "phillipwells" AND label != "workflow::planning breakdown" AND label != "workflow::refinement" AND label != "workflow::problem validation"

Looking forward

This section lists items that are in earlier stages of planning. Refining them is an important part of this milestone because it sets us up to work on them in the following milestones. Primary areas of responsibility are listed, but everyone can contribute!

This is almost certainly more than we can take on. Items that are marked as Deliverable are expected to be workflowready for development by the end of the milestone.

---
display: table
fields: title, assignee, labels("workflow::*"), labels("type::*"), labels("Deliverable"), state, milestone
---
label = "group::secret detection"  AND label in ("workflow::planning breakdown","workflow::refinement","workflow::problem validation") AND milestone = "17.11" AND assignee!="abellucci"

Please suggest others or add them directly.

Product and UX

This section includes other Product and UX context that may not fit into the Looking forward section above.

Product Manager: @abellucci

---
display: table
fields: title, assignee, state, milestone
---
label = "group::secret detection" AND label != "Planning Issue" AND milestone = "17.11" AND assignee = "abellucci"

Documentation

This section includes group inputs and the plan for Technical Writing in the milestone.

Technical Writing stable counterpart: @phillipwells

---
display: table
fields: title, assignee, state, milestone
---
label = "group::secret detection" AND milestone = "17.11" AND assignee = "phillipwells"