Add telemetry for client-side secret detection
Related issue: #472015 (closed);
What does this MR do and why?
This MR adds internal event tracking for client-side secret detection. The purpose is to track the number of times the warning has been shown, which is the number of times a secret has been detected.
Additionally, it captures
- the content type (i.e description / comment)
- the type of secret detected
- it only captures the first one, when multiple secrets are detected
- whether the warning was a false positive (risk was accepted) or dismissed (to verify & remove the secrets from content)
Todo: Add more test coverage
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Variants:
When a warning was dismissed | When a warning was accepted |
---|---|
How to set up and validate locally
- Visit a project's issue or MR
- Add this content in the comment / description:
glpat-12345678901234567890
- Accept / Dismisse the warning
- The track event should be triggered
Edited by Dheeraj Joshi