Merge branch '327028-enable-sec_secret_detection_ui_enable-by-default' into 'master'

Enable sec_secret_detection_ui_enable by default

See merge request gitlab-org/gitlab!58687

doc/user/application_security/configuration/index.md

@@ -49,3 +49,6 @@ You can configure the following security controls:
   - Click either **Enable** or **Configure** to use SAST for the current project. For more details, see [Configure SAST in the UI](../sast/index.md#configure-sast-in-the-ui).
 - DAST Profiles
   - Click **Manage** to manage the available DAST profiles used for on-demand scans. For more details, see [DAST on-demand scans](../dast/index.md#on-demand-scans).
+- Secret Detection
+  - Select **Configure via Merge Request** to create a merge request with the changes required to
+    enable Secret Detection. For more details, see [Enable Secret Detection via an automatic merge request](../secret_detection/index.md#enable-secret-detection-via-an-automatic-merge-request).

doc/user/application_security/secret_detection/index.md

@@ -133,6 +133,31 @@ The results are saved as a
 that you can later download and analyze. Due to implementation limitations, we
 always take the latest Secret Detection artifact available.
 
+### Enable Secret Detection via an automatic merge request **(ULTIMATE SELF)**
+
+> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4496) in GitLab 13.11.
+> - [Deployed behind a feature flag](../../../user/feature_flags.md), enabled by default.
+> - Enabled on GitLab.com.
+> - Recommended for production use.
+> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-configure-secret-detection-via-a-merge-request). **(ULTIMATE SELF)**
+
+WARNING:
+This feature might not be available to you. Check the **version history** note above for details.
+
+There can be
+[risks when disabling released features](../../../user/feature_flags.md#risks-when-disabling-released-features).
+Refer to this feature's version history for more details.
+
+To enable Secret Detection in a project, you can create a merge request
+from the Security Configuration page.
+
+1. In the project where you want to enable Secret Detection, go to
+   **Security & Compliance > Configuration**.
+1. In the **Secret Detection** row, select **Configure via Merge Request**.
+
+This automatically creates a merge request with the changes necessary to enable Secret Detection
+that you can review and merge to complete the configuration.
+
 ### Customizing settings
 
 The Secret Detection scan settings can be changed through [CI/CD variables](#available-variables)
@@ -380,3 +405,22 @@ secret_detection:
   variables:
     GIT_DEPTH: 100
 ```
+
+### Enable or disable Configure Secret Detection via a Merge Request
+
+Configure Secret Detection via a Merge Request is under development but ready for production use.
+It is deployed behind a feature flag that is **enabled by default**.
+[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md)
+can opt to disable it.
+
+To enable it:
+
+```ruby
+Feature.enable(:sec_secret_detection_ui_enable)
+```
+
+To disable it:
+
+```ruby
+Feature.disable(:sec_secret_detection_ui_enable)
+```

ee/changelogs/unreleased/327028-enable-sec_secret_detection_ui_enable-by-default.yml

+---
+title: Add the ability to automatically create a basic configuration MR for Secret Detection via the Security Configuration page
+merge_request: 58687
+author:
+type: added

ee/config/feature_flags/development/sec_secret_detection_ui_enable.yml

@@ -5,4 +5,4 @@ rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/326049
 milestone: '13.11'
 type: development
 group: group::static analysis
-default_enabled: false
+default_enabled: true