Track SPP scan executed metric (!203679) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

This merge request adds a new event/metric for tracking how many times a push had went through Secret Push Protection.

This doesn't count the number of git push operations that takes place overall, but only the ones were we actively scan for secrets.

I have made this work for both:

When a regular scan takes place (only ultimate-based projects at the moment).
When a dark-launch scan takes place (runs on public projects on all tiers, still being rolled out).

Additional Context

Secret Push Protection is an ultimate feature, however, there's a plan to enable the feature for all public projects regardless of the tier, as part of this, we're dark-launching the feature (i.e. enabling it for all public projects, without blocking pushes) to understand the load and monitor if that will cause any performance issues. This dark-launch is currently at 10%.

So while the feature's code still resides in EE, I was hoping to have the events tracked for all tiers.

References

https://gitlab.com/gitlab-org/gitlab/-/issues/562705

MR acceptance checklist

I have evaluated this MR against the MR acceptance checklist.

Edited Sep 08, 2025 by Ahmed Hemdan

Track SPP scan executed metric

What does this MR do and why?

Additional Context

References

MR acceptance checklist

Merge request reports