Commit 70f15d4f authored by Alex Kalderimis's avatar Alex Kalderimis

Merge branch '327028-enable-sec_secret_detection_ui_enable-by-default' into 'master'

Enable sec_secret_detection_ui_enable by default

See merge request gitlab-org/gitlab!58687
parents ff8cd574 52ef6f8a
...@@ -49,3 +49,6 @@ You can configure the following security controls: ...@@ -49,3 +49,6 @@ You can configure the following security controls:
- Click either **Enable** or **Configure** to use SAST for the current project. For more details, see [Configure SAST in the UI](../sast/index.md#configure-sast-in-the-ui). - Click either **Enable** or **Configure** to use SAST for the current project. For more details, see [Configure SAST in the UI](../sast/index.md#configure-sast-in-the-ui).
- DAST Profiles - DAST Profiles
- Click **Manage** to manage the available DAST profiles used for on-demand scans. For more details, see [DAST on-demand scans](../dast/index.md#on-demand-scans). - Click **Manage** to manage the available DAST profiles used for on-demand scans. For more details, see [DAST on-demand scans](../dast/index.md#on-demand-scans).
- Secret Detection
- Select **Configure via Merge Request** to create a merge request with the changes required to
enable Secret Detection. For more details, see [Enable Secret Detection via an automatic merge request](../secret_detection/index.md#enable-secret-detection-via-an-automatic-merge-request).
...@@ -133,6 +133,31 @@ The results are saved as a ...@@ -133,6 +133,31 @@ The results are saved as a
that you can later download and analyze. Due to implementation limitations, we that you can later download and analyze. Due to implementation limitations, we
always take the latest Secret Detection artifact available. always take the latest Secret Detection artifact available.
### Enable Secret Detection via an automatic merge request **(ULTIMATE SELF)**
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4496) in GitLab 13.11.
> - [Deployed behind a feature flag](../../../user/feature_flags.md), enabled by default.
> - Enabled on GitLab.com.
> - Recommended for production use.
> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-configure-secret-detection-via-a-merge-request). **(ULTIMATE SELF)**
WARNING:
This feature might not be available to you. Check the **version history** note above for details.
There can be
[risks when disabling released features](../../../user/feature_flags.md#risks-when-disabling-released-features).
Refer to this feature's version history for more details.
To enable Secret Detection in a project, you can create a merge request
from the Security Configuration page.
1. In the project where you want to enable Secret Detection, go to
**Security & Compliance > Configuration**.
1. In the **Secret Detection** row, select **Configure via Merge Request**.
This automatically creates a merge request with the changes necessary to enable Secret Detection
that you can review and merge to complete the configuration.
### Customizing settings ### Customizing settings
The Secret Detection scan settings can be changed through [CI/CD variables](#available-variables) The Secret Detection scan settings can be changed through [CI/CD variables](#available-variables)
...@@ -380,3 +405,22 @@ secret_detection: ...@@ -380,3 +405,22 @@ secret_detection:
variables: variables:
GIT_DEPTH: 100 GIT_DEPTH: 100
``` ```
### Enable or disable Configure Secret Detection via a Merge Request
Configure Secret Detection via a Merge Request is under development but ready for production use.
It is deployed behind a feature flag that is **enabled by default**.
[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md)
can opt to disable it.
To enable it:
```ruby
Feature.enable(:sec_secret_detection_ui_enable)
```
To disable it:
```ruby
Feature.disable(:sec_secret_detection_ui_enable)
```
---
title: Add the ability to automatically create a basic configuration MR for Secret Detection via the Security Configuration page
merge_request: 58687
author:
type: added
...@@ -5,4 +5,4 @@ rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/326049 ...@@ -5,4 +5,4 @@ rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/326049
milestone: '13.11' milestone: '13.11'
type: development type: development
group: group::static analysis group: group::static analysis
default_enabled: false default_enabled: true
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment