Document all git fetch scenarios

What does this MR do and why?

Updates the Pipeline Secret Detection documentation to explain how the analyzer fetches commits and clarify the relationship between GIT_DEPTH and scanning behavior.

📝 Documentation changes

New sections added:

  • "How the analyzer fetches commits" - Explains automatic fetching strategies for MRs, custom log options, and historic scans
  • "Fallback behavior" - Documents what happens when fetching fails
  • "Initial repository clone depth" - Clarifies GIT_DEPTH relationship

Updated troubleshooting:

  • "Couldn't run the gitleaks command: exit status 2" - Simplified explanation with clear solutions
  • "Adjusting GIT_DEPTH doesn't change what gets scanned" - New entry with examples showing correct vs incorrect configuration
  • "Force push detection" - Documents expected behavior after force pushes
  • "Repository trust configuration" - Explains safe.directory messages

Why is this needed?

Users frequently misunderstand:

  • That GIT_DEPTH only affects the runner's initial clone, not what gets scanned
  • How the analyzer handles missing commits
  • What the various log messages mean

This documentation helps users understand the analyzer's behavior and troubleshoot issues more effectively.

Edited by Aditya Tiwari
