diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-04-30 18:09:50 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-04-30 18:09:50 +0300 |
| commit | 69d28d313c2a65ead87229841a50bfc130e8c952 (patch) | |
| tree | 7fb2dbe0a3d8430c3cdf02cc0adbb7f5cf3b2535 /doc/user/application_security/secret_detection | |
| parent | 6d19e491d1257b6fbc74f4cf3a30ddb28deaeaf4 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user/application_security/secret_detection')
| -rw-r--r-- | doc/user/application_security/secret_detection/index.md | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/doc/user/application_security/secret_detection/index.md b/doc/user/application_security/secret_detection/index.md index 2a06a5e22a3..2069db401f0 100644 --- a/doc/user/application_security/secret_detection/index.md +++ b/doc/user/application_security/secret_detection/index.md @@ -133,6 +133,31 @@ The results are saved as a that you can later download and analyze. Due to implementation limitations, we always take the latest Secret Detection artifact available. +### Enable Secret Detection via an automatic merge request **(ULTIMATE SELF)** + +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4496) in GitLab 13.11. +> - [Deployed behind a feature flag](../../../user/feature_flags.md), enabled by default. +> - Enabled on GitLab.com. +> - Recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-configure-secret-detection-via-a-merge-request). **(ULTIMATE SELF)** + +WARNING: +This feature might not be available to you. Check the **version history** note above for details. + +There can be +[risks when disabling released features](../../../user/feature_flags.md#risks-when-disabling-released-features). +Refer to this feature's version history for more details. + +To enable Secret Detection in a project, you can create a merge request +from the Security Configuration page. + +1. In the project where you want to enable Secret Detection, go to + **Security & Compliance > Configuration**. +1. In the **Secret Detection** row, select **Configure via Merge Request**. + +This automatically creates a merge request with the changes necessary to enable Secret Detection +that you can review and merge to complete the configuration. + ### Customizing settings The Secret Detection scan settings can be changed through [CI/CD variables](#available-variables) @@ -380,3 +405,22 @@ secret_detection: variables: GIT_DEPTH: 100 ``` + +### Enable or disable Configure Secret Detection via a Merge Request + +Configure Secret Detection via a Merge Request is under development but ready for production use. +It is deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) +can opt to disable it. + +To enable it: + +```ruby +Feature.enable(:sec_secret_detection_ui_enable) +``` + +To disable it: + +```ruby +Feature.disable(:sec_secret_detection_ui_enable) +``` |