Add Secret Detection token status to all other GitLab tokens
Problem to solve
In Add sidekiq worker to populate token status (#524544 - closed) • Craig Smith • 17.11, token status was recorded for all GitLab Personal Access Tokens. However, the status of other GitLab token types are not recorded.
Proposal
Update the UpdateTokenStatusWorker to find the status of the following tokens:
-
gitlab_personal_access_token -
gitlab_personal_access_token_routable -
gitlab_pipeline_trigger_token - Enable gitlab_pipeline_trigger_token for validi... (!196203 - merged) • Craig Smith • 18.2 -
gitlab_runner_registration_token - !192314 (merged) -
gitlab_runner_auth_token -
gitlab_feed_token- this is an old pattern -
gitlab_oauth_app_secret - #534788 (comment 2595059265) -
gitlab_feed_token_v2 -
gitlab_kubernetes_agent_token - Enable multiple token types for validity checks (!193885 - merged) • Craig Smith • 18.2 -
gitlab_incoming_email_token -
gitlab_deploy_token - Add Deploy Tokens to Validity Checks (!187802 - merged) • Craig Smith • 18.1 -
gitlab_scim_oauth_token - Enable multiple token types for validity checks (!193885 - merged) • Craig Smith • 18.2 -
gitlab_ci_build_token - Enable multiple token types for validity checks (!193885 - merged) • Craig Smith • 18.2 -
Ci Job TokensCI job tokens are not currently detected by Pipeline Secret Detection
Edited by Craig Smith