18.0 Planning Issue - Secret Detection

🔒 Secure, Secret Detection - Milestone Planning

This is a planning issue for Category:Secret Detection which is maintained by groupsecret detection.

^{See the group handbook page for more about this issue and how it fits into group workflows.}

Milestone Key Dates

• Start Date: 2025-04-12
• Code Freeze: 2025-05-09
• Release Date: 2025-05-15

Narrative

Secret Detection in Job Artifacts

In %18.0 we will have a technical plan in place and issues created for [Experiment] - Detect secrets in job artifacts (&16693). We will also be kicking off development work for the experiment this milestone.

We will be finalizing, vision, and user workflows for GA.

• Epic

Validity Checks for Secret Detection

All engineering work for the experiment iteration is finished we will be using 18.0 to test and instrumentation. We will also be refining beta, have a technical plan in place and create issues.

• Epic

Enable SPP for all GitLab-owned projects

In %18.0 all three phases (low, medium, and high traffic projects) will have been rolled out successfully. At the end of the milestone secret push protection will be enabled for all GitLab owned projects!

• Epic

Enable Secret Push Protection on all Public Projects

In this milestone, we'll define a technical proposal, have the work broken down into issues, and a rollout strategy identified for the different tiers and project visibility. We will also kick off implementation efforts in this milestone.

• Epic

Secrets Analyzer - %18.0 improvements

We have a number of improvements and changes requested to be made to our secrets analyzer. In 18.0 will we complete all of these improvements.

• Epic

Deprecations

groupsecret detection has no removals or breaking changes for %18.0. We will close out any outstanding deprecation issues and be sure all deprecation entries are updated to reflect non-breaking changes.

• Epic

Priorities

Key items to deliver

This section lists items that should be ready to deliver (or at least to move forward). Many of these items should be defined as ~Deliverable items, assuming they are feasible to deliver in the milestone.

typefeature

---
display: table
fields: title, assignee, labels("workflow::*"), labels("Deliverable"),state, milestone
---
label = "group::secret detection" AND label = "type::feature" AND milestone = "18.0" AND assignee!="abellucci" AND assignee != "phillipwells" AND label != "workflow::planning breakdown" AND label != "workflow::refinement" AND label != "workflow::problem validation" AND label != "workflow::design"

typemaintenance

---
display: table
fields: title, assignee, labels("workflow::*"), labels("Deliverable"), state, milestone
---
label = "group::secret detection" AND label = "type::maintenance" AND milestone = "18.0" AND assignee!="abellucci" AND assignee != "phillipwells" AND label != "workflow::planning breakdown" AND label != "workflow::refinement" AND label != "workflow::problem validation"

typebug

---
display: table
fields: title, assignee, labels("priority::*"), labels("severity::*"), labels("workflow::*"), labels("Deliverable"), state, milestone
---
label = "group::secret detection" AND label = "type::bug" AND milestone = "18.0" AND assignee!="abellucci" AND assignee != "phillipwells" AND label != "workflow::planning breakdown" AND label != "workflow::refinement" AND label != "workflow::problem validation"

Looking forward

This section lists items that are in earlier stages of planning. Refining them is an important part of this milestone because it sets us up to work on them in the following milestones. Primary areas of responsibility are listed, but everyone can contribute!

This is almost certainly more than we can take on. Items that are marked as Deliverable are expected to be workflowready for development by the end of the milestone.

---
display: table
fields: title, assignee, labels("workflow::*"), labels("type::*"), labels("Deliverable"), state, milestone
---
label = "group::secret detection"  AND label in ("workflow::planning breakdown","workflow::refinement","workflow::problem validation") AND milestone = "18.0" AND assignee!="abellucci"

Please suggest others or add them directly.

Product

This section includes other Product and UX context that may not fit into the Looking forward section above.

Product Manager: @abellucci

---
display: table
fields: title, assignee, state, milestone
---
label = "group::secret detection" AND label != "Planning Issue" AND milestone = "18.0" AND assignee = "abellucci"

UX

---
display: table
fields: title, assignee, state, milestone
---
label = "group::secret detection" AND label != "Planning Issue" AND milestone = "18.0" AND label = "workflow::design"

Documentation

This section includes group inputs and the plan for Technical Writing in the milestone.

Technical Writing stable counterpart: @phillipwells

---
display: table
fields: title, assignee, state, milestone
---
label = "group::secret detection" AND milestone = "18.0" AND assignee = "phillipwells"