Sanitize committed secrets in GitLab.com
Problem to solve
Sometimes project members errantly commit secrets to code. When this happens, users and/or Administrators need a means of quickly and reliably removing all references to the secret.
This situation is manageable if it is caught before being pushed to a project on GitLab.com. Once it has been pushed, however, the only sure way to remove the secret is to delete the project, fix the repository locally, then re-create the project. This method, while comprehensive, can be highly disruptive if many members are actively working on the project.
Intended users
Personas are described at https://about.gitlab.com/handbook/marketing/product-marketing/roles-personas/
- Sasha
- Devon
- Sidney
- Sam
- Rachel
- Alex
- More
Further details
While there are a number of ways to modify or remove a commit locally and push the change up to the project, that still leaves the exposed secret viewable in Pipelines and by commit hash. GitLab suggests using the BFG Repo-Cleaner, but it requires fairly significant setup. Neither option could reasonably be considered a 'quick' solution, which is what is required when a secret is exposed in a public project.
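As an added illustration of the point above (not part of the original issue and not GitLab's own tooling), the following script commits a constructed placeholder secret, rewrites the commit so the secret disappears from the current history, and then shows that the original commit and its blob remain readable by hash until the reflog is expired and unreachable objects are pruned. The temporary repository, the committer identity and the placeholder value are all constructed for the demo.

```shell
#!/bin/sh
# Added demonstration for this issue (not GitLab's code): a commit that was
# "removed" by rewriting history is still retrievable by its hash until the
# reflog is expired and unreachable objects are pruned. A hosted copy keeps
# the same objects until its own housekeeping runs, which is why a local
# rewrite alone does not remove a leaked secret.
# The leaked value below is a constructed placeholder, not a real credential.
set -e

# Run git inside the given repository with the identity and settings this
# demo needs, so it behaves the same in an environment with no global config.
g() {
  dir=$1
  shift
  git -C "$dir" -c user.name=demo -c user.email=demo@example.invalid \
      -c init.defaultBranch=main -c commit.gpgsign=false "$@"
}

# Create a repository whose only commit contains the placeholder secret.
# Prints the hash of that commit.
make_leaky_repo() {
  g "$1" init -q
  printf 'API_KEY=EXAMPLE-PLACEHOLDER-NOT-A-REAL-KEY\n' > "$1/config.env"
  g "$1" add config.env
  g "$1" commit -q -m "add config"
  g "$1" rev-parse HEAD
}

# Rewrite the tip commit so the secret is gone from the current history.
# Prints the hash of the replacement commit.
rewrite_history() {
  printf 'API_KEY=<redacted>\n' > "$1/config.env"
  g "$1" add config.env
  g "$1" commit -q --amend -m "add config (secret removed)"
  g "$1" rev-parse HEAD
}

# Hash of the blob stored at <path> in commit <sha>.
blob_sha() {
  g "$1" rev-parse "$2:$3"
}

# Succeeds if an object with the given hash still exists in the repository,
# whether or not any branch still points at it.
object_exists() {
  g "$1" cat-file -e "$2" 2>/dev/null
}

# Drop reflog entries and delete every object no ref reaches; only after
# this step are the original commit and its blob actually gone from this copy.
purge_unreachable() {
  g "$1" reflog expire --expire=now --expire-unreachable=now --all
  g "$1" gc -q --prune=now
}

# Walk through the scenario when the script is run directly.
main() {
  repo=$(mktemp -d)
  old=$(make_leaky_repo "$repo")
  leaked_blob=$(blob_sha "$repo" "$old" config.env)
  new=$(rewrite_history "$repo")
  echo "rewritten: $old -> $new"
  if object_exists "$repo" "$old"; then
    echo "old commit still readable: 'git show $old' would reveal the secret"
  fi
  purge_unreachable "$repo"
  if ! object_exists "$repo" "$leaked_blob"; then
    echo "after purge: leaked blob $leaked_blob is gone from this copy"
  fi
  rm -rf "$repo"
}

main
```

The purge step only cleans the copy it is run in. Pipeline logs or artifacts that printed the value are stored separately from the repository and are untouched by any git operation, which is why the proposal asks for the change to cascade through every place GitLab might expose it.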
Proposal
Develop a solution that allows Admins, and ideally project owners, to modify or delete a file or commit and cascade those changes through all areas of GitLab that might expose it, including pipelines, histories, or anything else.
Permissions and Security
Instance/shared group admins and project/group owners.
Documentation
What does success look like, and how can we measure that?
An admin or owner can modify or delete a file or commit that contains a secret and that secret can no longer be found in the GitLab UI or source project stored in GitLab.com. Bonus: When a developer attempts to push to a repo that has been changed, they are advised of the change and provided with steps to update their local copy before re-pushing.