Simplify script for v4.0.0 of secret detection
What does this MR do and why?
What does this MR do? Move script logic from template into v4.0.0 of the secret detection analyzer.
Why?
To improve maintainability by consolidating logic that was previously in the script
section of the vendored template into the analyzer.
Related MR: gitlab-org/security-products/analyzers/secrets!156 (merged)
Related issue: Bump major version for Static Analysis analyzers (#359042 - closed)
Screenshots or screen recordings
-
Default branch: This scan treats the repo as a plain repo: https://gitlab.com/zrice/historic-secrets/-/jobs/2438381761. This scan should use the
--no-git
option. -
Push event: Scans commits associated with a push event: https://gitlab.com/zrice/historic-secrets/-/jobs/2438394445
-
Historic scan: set
SECRET_DETECTION_HISTORIC_SCAN
totrue
to enable this https://gitlab.com/zrice/historic-secrets/-/jobs/2438399089
These are strongly recommended to assist reviewers and reduce the time to merge your change.
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.