Forbid remote push if commit contains secrets
Problem to solve
Users may commit secrets to the repo, and then push them to a remote server (like GitLab.com).
Secret detection can run in the pipeline and report the problem in the MR (see https://gitlab.com/gitlab-org/gitlab-ee/issues/6719).
For some flows this is too late, because by then the secret is already visible to a wide range of users.
Secret detection should therefore happen before the commit lands on the remote branch, and the push should be rejected if it contains secrets.
There are two main problems to solve:
- detection should complete in a reasonable time, since it is a synchronous operation
- false positives may prevent legitimate commits, with no workaround to bypass them
When a new remote push is received, run secret detection on the new code and abort the push operation if secrets are found.
Report them consistently to the user.
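As an added example of the proposed check (not GitLab's code), a minimal pre-receive hook that scans only the commits a push introduces, rejects the push when an added line matches a rule, and reports each hit to the user. The rule patterns, the `secret-scan:allow` bypass marker for reviewed false positives and the sample diff are constructed for this example; `git` on PATH is assumed.

```python
"""Pre-receive hook that rejects a push whose added lines contain secrets. Added example,
not GitLab's code; assumes hooks/pre-receive, where git feeds "<old> <new> <ref>" on stdin."""
import re
import subprocess
import sys

NULL_SHA = "0" * 40                 # old sha on branch creation, new sha on deletion
ALLOW_MARKER = "secret-scan:allow"  # assumed opt-out for a reviewed false positive
PATTERNS = {                        # constructed rules; use a maintained rule set in practice
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "generic_token": re.compile(
        r"(?i)(?:api|secret|access)[_-]?(?:key|token)\s*[:=]\s*['\"][\w\-]{16,}['\"]"),
}

def scan_diff(diff_text):
    """Return (path, line, rule) per matching added line; '-' lines are not scanned."""
    findings, path = [], None
    for line in diff_text.splitlines():
        if line.startswith("+++ "):
            path = line[4:].removeprefix("b/")      # new-side file name
        elif line.startswith("+") and not line.startswith("+++"):
            text = line[1:]
            if ALLOW_MARKER in text:                # explicit, reviewable bypass
                continue
            for rule, rx in PATTERNS.items():
                if rx.search(text):
                    findings.append((path, text.strip(), rule))
                    break
    return findings

def scan_push(old, new):
    """Diff only the commits this push introduces, keeping the synchronous check fast."""
    if new == NULL_SHA:                             # branch deletion: nothing to scan
        return []
    exclude = ["--all"] if old == NULL_SHA else [old]   # new branch: exclude all known commits
    cmd = ["git", "log", "-p", "--unified=0", "--no-color", new, "--not", *exclude]
    return scan_diff(subprocess.run(cmd, capture_output=True, text=True, check=True).stdout)

def main():
    findings = [f for ln in sys.stdin for f in scan_push(*ln.split()[:2])]
    for path, text, rule in findings:   # stderr reaches the pusher prefixed "remote:"
        print(f"{rule} in {path}: {text[:60]}", file=sys.stderr)
    sys.exit(1 if findings else 0)      # non-zero exit aborts the whole push

# Constructed diff: one real hit, one allow-listed line, one removed line that must not count.
SAMPLE_DIFF = ('+++ b/config.py\n@@ -1 +1,2 @@\n-api_key = "deadbeefdeadbeefdeadbeef"\n'
               '+AWS_KEY = "AKIAIOSFODNN7EXAMPLE"\n+API_TOKEN = "0123456789abcdefXYZ"  # secret-scan:allow\n')

if __name__ == "__main__":
    main()
```

Scanning only `old..new` with `--unified=0` keeps the synchronous cost proportional to the push, and the marker gives a user a deliberate, greppable way past a false positive instead of no workaround at all.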
What does success look like, and how can we measure that?
We can count the number of rejected push events due to this feature.