Secret detection for MR Widget (!28672) · Merge requests · GitLab.org / GitLab

Dheeraj Joshi requested to merge djadmin-secret-scanning into master Apr 02, 2020

What does this MR do?

This is an implementation for #212381 (closed).

Description

This enable MR Widget to show reports from Secret Scanning. The implementation is exact replica of how other scanners (SAST, DAST, Container Scanning) are integrated in the MR Widget Security Report.

Note

This is planned to go live without backend as a silent release. The changes are not visible to customers, so there is no Changelog for this MR.
To enable it from backend or test it locally, please

Set enabled_reports for secret_scanning here

secret_scanning: true

Set mockuped secret_scanning endpoint here

window.gl.mrWidgetData.secret_scanning_comparison_path = '#{sast_reports_project_merge_request_path(@project, @merge_request) if @project.feature_available?(:sast)}'

Further Improvements

Consolidate Issue Bodies - #207243 (closed)
A follow up issue to refactor complete Mr-widget Security reports - #213966 (closed)

Screenshots

When secret scanning is enabled

When secret scanning is disabled (No changes)

Edited Apr 15, 2020 by Dheeraj Joshi

Secret detection for MR Widget