Skip to content

🚨 Secret Detection Test - Security Widget Testing

Samantha Mingrequested to merge
secret-detection-test-v2 into main

🔍 Purpose

This merge request contains FAKE secrets to test GitLab's secret detection capabilities and verify the MR security widget functionality.

📁 Files Added

  • test_secrets.env - Environment variables with fake AWS keys, API tokens, database URLs
  • deploy.sh - Shell script with embedded credentials
  • README_TEST_SECRETS.md - Documentation

🚨 Test Secrets Included

  • AWS Access Key: AKIA1234567890EXAMPLE
  • AWS Secret Key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
  • Stripe API Keys: sk_test_1234567890abcdefghijklmnopqrstuvwxyz
  • GitHub Token: ghp_1234567890abcdefghijklmnopqrstuvwxyz12
  • JWT Tokens, Database URLs, Private Keys

Expected Results

  1. 🔄 CI/CD pipeline should trigger automatically
  2. 🛡️ Secret detection job should run and find vulnerabilities
  3. 📊 Security widget should populate with detected secrets
  4. 🚨 Multiple security findings should appear

⚠️ IMPORTANT DISCLAIMER

  • ALL SECRETS ARE COMPLETELY FAKE
  • Created specifically for testing purposes
  • No real credentials or sensitive data
  • Safe for demonstration and testing

🔬 Testing Note: This MR is designed to test the dependency list GraphQL migration and security widget functionality.

Merge request reports