
Create database table to store project-level security exclusions

What does this MR do and why?

This merge request creates a new database table project_security_exclusions to store exclusions for Secret Detection scanners (i.e. Pipeline SD and secret push protection) at the project level. Each exclusion has a number of fields:

  • scanner: An enum used to determine which scanner this exclusion is for.
  • description: A text used to provide context on what this exclusion is for.
  • type: An enum used to determine the type of exclusion, e.g. path, pattern, or value.
  • value: A string used to store the value of the exclusion, e.g. a path like spec/**/*.rb.
  • active: A boolean used to determine if an exclusion is active or disabled.

Please refer to the UX designs for more information.

Resolves #479304 (closed) partially.

Note: This merge request and the subsequent merge requests (1, 2) were built on top of each other using GitLab's CLI stacked diffs feature, and therefore a few things may feel a little weird since the stacked diffs feature is still experimental (e.g. there's no ability to add full commit messages so no changelog or trailers are possible).

MR acceptance checklist

I have evaluated this MR against the MR acceptance checklist.

Edited by Ahmed Hemdan
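
As an added illustration (not code from this merge request or from GitLab), the sketch below shows how rows with the fields listed above could be applied to scanner findings so that disabled exclusions and exclusions for a different scanner never suppress anything. The scanner names, the Finding struct, the helper names and the matching semantics of each type (glob for path, whole-secret regular expression for pattern, exact literal for value) are assumptions.

```ruby
# Added illustration, not GitLab code. Field names come from the MR description;
# scanner names and the matching semantics of each type are assumptions.
Exclusion = Struct.new(:scanner, :description, :type, :value, :active, keyword_init: true)
Finding   = Struct.new(:scanner, :path, :secret, keyword_init: true)

# Returns true when one exclusion covers one finding.
def exclusion_matches?(exclusion, finding)
  return false unless exclusion.active                 # disabled rows never suppress
  return false unless exclusion.scanner == finding.scanner

  case exclusion.type
  when :path    # assumed: glob over the file path, ** spans directories
    File.fnmatch?(exclusion.value, finding.path, File::FNM_PATHNAME)
  when :pattern # assumed: regular expression that must match the whole secret
    Regexp.new("\\A(?:#{exclusion.value})\\z").match?(finding.secret)
  when :value   # assumed: exact literal secret
    exclusion.value == finding.secret
  else
    false       # unknown type: fail closed and keep the finding
  end
rescue RegexpError
  false         # an invalid pattern must not hide findings
end

# Splits findings into reported ones and suppressed ones, keeping the
# description of the exclusion that suppressed each for audit purposes.
def apply_exclusions(findings, exclusions)
  reported = []
  suppressed = []
  findings.each do |finding|
    hit = exclusions.find { |e| exclusion_matches?(e, finding) }
    hit ? suppressed << [finding, hit.description] : reported << finding
  end
  { reported: reported, suppressed: suppressed }
end

# Constructed sample data.
EXCLUSIONS = [
  Exclusion.new(scanner: :secret_push_protection, description: 'test fixtures',
                type: :path, value: 'spec/**/*.rb', active: true),
  Exclusion.new(scanner: :secret_push_protection, description: 'old placeholder',
                type: :value, value: 'EXAMPLE-PLACEHOLDER-TOKEN', active: false)
].freeze
FINDINGS = [
  Finding.new(scanner: :secret_push_protection, path: 'spec/models/user_spec.rb', secret: 'abc123'),
  Finding.new(scanner: :secret_push_protection, path: 'config/app.yml', secret: 'EXAMPLE-PLACEHOLDER-TOKEN'),
  Finding.new(scanner: :pipeline_secret_detection, path: 'spec/lib/a_spec.rb', secret: 'abc123')
].freeze
```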
