Add telemetry for client-side secret detection (!161119) · Merge requests · GitLab.org / GitLab

Dheeraj Joshi requested to merge djadmin-client-side-sd-telemetry into master Jul 30, 2024

Related issue: #472015 (closed);

What does this MR do and why?

This MR adds internal event tracking for client-side secret detection. The purpose is to track the number of times the warning has been shown, which is the number of times a secret has been detected.

Additionally, it captures

the content type (i.e description / comment)
the type of secret detected
- it only captures the first one, when multiple secrets are detected
whether the warning was a false positive (risk was accepted) or dismissed (to verify & remove the secrets from content)

Todo: Add more test coverage

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Variants:

When a warning was dismissed	When a warning was accepted

How to set up and validate locally

Visit a project's issue or MR
Add this content in the comment / description: glpat-12345678901234567890
Accept / Dismisse the warning
The track event should be triggered

Edited Aug 07, 2024 by Dheeraj Joshi

Add telemetry for client-side secret detection

What does this MR do and why?

MR acceptance checklist

Screenshots or screen recordings

How to set up and validate locally

Merge request reports