Create database table to store project-level security exclusions
What does this MR do and why?
This merge request creates a new database table project_security_exclusions to store exclusions for Secret Detection scanners (i.e. Pipeline SD and secret push protection) on the project-level. Each exclusion has a number of fields:
- scanner: An enum used to determine which scanner this exclusion is for.
- description: A text used to provide context on what this exclusion is for.
- type: An enum used to determine the type of exclusion, e.g. path, pattern, or value.
- value: A string used to store the value of exclusion, e.g. a path like spec/**/*.rb.
- active: A boolean used to determine if an exclusion is active or disabled.
Please refer to the UX designs for more information.
Resolves #479304 (closed) partially.
Note: This merge request and subsequent merge requests (1, 2) were built on top of each other using GitLab's CLI stacked diffs feature, and therefore a few things may feel a little weird since the stacked diffs feature is still experimental (e.g. there's no ability to add full commit messages so no changelog or trailers are possible).
MR acceptance checklist
I have evaluated this MR against the MR acceptance checklist.
Edited by Ahmed Hemdan