
Bump secret-detection-rules to version v0.18.0 for Pipeline and Push Protection

Context

The secret-detection-rules (SD rules) releases covered by this bump introduce the following new rules, listed per version (SPP = secret push protection):

v0.18.0

  1. Kubernetes Service Account Token (SPP and Pipeline)
  2. Hashicorp Vault Service Token (SPP and Pipeline)
  3. Splunk Authentication Token (SPP and Pipeline)
  4. Splunk HTTP Event Collector (HEC) Token (Pipeline only)
  5. GCP Vertex Express Mode Key (SPP and Pipeline)

v0.17.0

  1. Azure EventGrid Access Key (Pipeline only)
  2. Azure Functions API Key (SPP and Pipeline)
  3. Azure OpenAI API Key (Pipeline only)
  4. Azure Logic App SAS (SPP and Pipeline)
  5. Azure SignalR Access Key (SPP and Pipeline)
  6. AWS Bedrock Key (Pipeline only)
  7. DataDog API Key (Pipeline only)
  8. LangChain API Key (SPP and Pipeline)
  9. Okta API Token (SPP and Pipeline)
  10. Okta Client Secret (Pipeline only)

Implementation plan

GitLab Rails: Gem Update Instructions

Run the following commands in the gitlab directory to update the gem:

$ bundle install
$ mise exec -- bundle update --conservative gitlab-secret_detection
$ bundle exec rake bundler:gemfile:sync
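A conservative update is expected to move only the one gem named on the command line, so a useful check after the second step is to diff the `Gemfile.lock` spec lines from before and after and confirm that nothing else moved. The script below is an added example, not part of this issue or of the gitlab repository; the gem versions in the sample lockfiles (0.0.1 and 0.0.2) and the `placeholder-dep` dependency are constructed placeholders, since the real gem version that carries rules v0.18.0 is not stated here.

```shell
#!/bin/sh
# Added example (not from the issue or the gitlab repository): list which gems
# in Gemfile.lock changed between two copies of the file, so a reviewer can
# confirm that `bundle update --conservative gitlab-secret_detection` only
# moved the intended gem. All versions below are constructed placeholders.

# Print sorted "name (version)" spec lines from a Gemfile.lock. Spec lines sit
# at exactly four spaces of indent; nested dependency lines (six spaces) and the
# DEPENDENCIES section (two spaces, constraint operators such as ~>) are skipped.
lock_specs() {
  grep -E '^    [A-Za-z0-9_.-]+ \([0-9][^)]*\)$' "$1" | sed 's/^    //' | sort
}

# Print the names of gems whose spec line differs between two lockfiles.
changed_gems() {
  before_specs=$(mktemp); after_specs=$(mktemp)
  lock_specs "$1" > "$before_specs"
  lock_specs "$2" > "$after_specs"
  diff "$before_specs" "$after_specs" | grep -E '^[<>] ' \
    | sed -E 's/^[<>] ([^ ]+) .*/\1/' | sort -u
  rm -f "$before_specs" "$after_specs"
}

# Succeed only if the gem named in $3 is the sole gem that changed.
only_gem_changed() {
  [ "$(changed_gems "$1" "$2")" = "$3" ]
}

# Write a constructed sample lockfile to $1 with gitlab-secret_detection at
# version $2. The dependency "placeholder-dep" is invented for the example.
write_sample_lock() {
  printf 'GEM\n  remote: https://rubygems.org/\n  specs:\n    gitlab-secret_detection (%s)\n      placeholder-dep (~> 1.0)\n    placeholder-dep (1.0.0)\n    rake (13.0.6)\n\nDEPENDENCIES\n  gitlab-secret_detection (~> %s)\n' "$2" "$2" > "$1"
}

# Demo: simulate the lockfile before and after the update and report.
before=$(mktemp); after=$(mktemp)
write_sample_lock "$before" 0.0.1
write_sample_lock "$after" 0.0.2
echo "changed gems:"
changed_gems "$before" "$after"
if only_gem_changed "$before" "$after" gitlab-secret_detection; then
  echo "OK: only gitlab-secret_detection moved"
else
  echo "WARNING: other gems moved; review the diff before merging"
fi
rm -f "$before" "$after"
```

In practice, copy `Gemfile.lock` aside before running `bundle update` and pass the saved copy and the updated file to `changed_gems`; if a dependency of the gem legitimately moved as well, it will show up in the list and the reviewer can judge it rather than discovering it in the MR diff.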

Release Post Issue Template

Example Reference: gitlab-com/www-gitlab-com!141272 (merged)

Template:

---
features:
  secondary:
  - name: "Increased rule coverage for secret push protection and pipeline secret detection"
    available_in: [free, premium, ultimate]
    gitlab_com: true
    self_managed: true
    gitlab_dedicated: true
    add_ons: []
    documentation_link: 'https://docs.gitlab.com/user/application_security/secret_detection/detected_secrets'
    reporter: abellucci
    stage: application_security_testing
    categories:
    - Secret Detection
    issue_url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/573973'
    description: |
      GitLab's pipeline secret detection now includes additional rules in [version <version>](https://gitlab.com/gitlab-org/security-products/analyzers/secrets/-/releases/<version>) of the secrets analyzer. We've also refined existing rules to improve detection quality and minimize false positives.
Edited by Amar Patel