Revoke Google Cloud tokens discovered on GitLab.com public repositories
## Goal
Protect users by sending any Google Cloud credentials found on GitLab.com public repositories to Google for handling.
## Details
Google would like us to send them the following credentials when we detect them publicly accessible on GitLab.com:
- Google Cloud service account keys
- Google API keys
- OAuth secrets (added later)
They will provide API details to us, which we will record in confidential issue https://gitlab.com/gitlab-org/gitlab/-/issues/375195.
## Confidentiality
See internal note: https://gitlab.com/groups/gitlab-org/-/epics/8835#note_1434684136
## Materials
- [Meeting notes (team members only)](https://docs.google.com/document/d/14DMAVQQFk6wy8ZVJgesPnz1QKa2wPP0TuWZZ1aJqkVI/edit#)
- [Legal coordination issue (team members only)](https://gitlab.com/gitlab-com/legal-and-compliance/-/issues/1143)
- Thread about when to announce this partnership: https://gitlab.com/groups/gitlab-org/-/epics/8835#note_1312777018
epic