Update secret-detection git log command (!77722) · Merge requests · GitLab.org / GitLab

Zach Rice requested to merge update-sd-git-log into master Jan 06, 2022

What does this MR do and why?

When doing some investigation for #349063 (closed) we discovered that the range of commits generated by git log in the secret_detection job has the potential to be wrong, and in some cases, time out the job.

This MR changes the ... operation to ... If we take main...feature as the example, the current ... syntax means "give us commits that are reachable from feature or main but not both". This means we could be including commits that are not associated with the MR when scanning for secrets. Using main..feature limits us to commits that are just in feature.

Screenshots or screen recordings

These are strongly recommended to assist reviewers and reduce the time to merge your change.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Jan 06, 2022 by Zach Rice

Update secret-detection git log command

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports