Set commit flag to skip secret push protection

Reuben Pereirarequested to merge
rp-add-skip-secret-protection-git-message into master

Set the [skip secret push protection] commit flag as described in https://docs.gitlab.com/user/application_security/secret_detection/secret_push_protection/#skip-when-using-any-git-client.

A previous change (!64 (merged)) to add -o secret_push_protection.skip_all to git push commands didn't work as expected (gitlab-com/gl-infra/production#20585 (comment 2768512108)). While the team investigates why that isn't working, we can make this change to skip push protection.

The merge-train project is used to sync changes between different projects such as between gitlab-org/gitlab and gitlab-org/security/gitlab.

The changes synced by the merge-train project are always changes that have already been reviewed and merged. Secret push protection should be on when the original commit author pushes their changes to their branch. By the time a commit is being pushed to another project by merge-train, it is already quite late to catch any exposed secrets.

Related to gitlab-com/gl-infra/production#20585 (closed) and https://gitlab.com/gitlab-com/gl-infra/delivery/-/issues/20491

Edited by Reuben Pereira

Merge request reports