in gitlab secret detection 14 ~ read.

Gitlab v14 introduces a breaking change to secrets detection job

Recently we started to get a pipeline failure in Gitlab for one of our projects. The issues was :

jobs secret detection default branch config should implement a script: or a trigger: keyword

In this project we were using Gitlab Secrets Detection jobs templates like this :

  - template: Security/SAST.gitlab-ci.yml
  - template: Security/Dependency-Scanning.gitlab-ci.yml
  - template: Security/License-Scanning.gitlab-ci.yml
  - template: Security/Secret-Detection.gitlab-ci.yml

At first, I thought that it was related to the fact that in Gitlab 14 default branch was changed from master to main, but after talking to Gitlab support, it appeared the root cause in different place :

Hello Andrew,
Thanks for reaching out.
We indeed introduced a breaking change to Secret Detection job with 14.0 release, however, it deals not with default branch name changes, 
but with us merging the two jobs secret_detection_default_branch and secret_detection. This work was done in 
Remove secret_detection_default_branch job Merge Request.
I looked through your configuration on project {project_name} and it seems like in order to fix the issue, 
you simply need to remove the secret_detection_default_branch job from the configuration.
Let me know how it goes.
Best regards,

Here's the link to the Github PR.

Happy coding :)

comments powered by Disqus
comments powered by Disqus