RubyGems - gitlab-secret_detection - Versions diffs - 0.20.7 → 0.20.8 - Mend

gitlab-secret_detection 0.20.7 → 0.20.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/README.md +16 -9
data/lib/gitlab/secret_detection/version.rb +2 -5
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 895cf01abc75fc3d50530e201bafbfa1cefbd01471096ae7157c0f6d9e107a56
-  data.tar.gz: 5325e320aaec750875a9237de822c69a6b2948da19a06435596e3cda0305ba53
+  metadata.gz: b6825b32d5bcbbf4e249fea71941553d80ee4fbd6353c98ec539c0450d26c880
+  data.tar.gz: 3882b690256d74491871592340b7a70e296170834d61687f4892ca2a581bbb54
 SHA512:
-  metadata.gz: 031f9c7dd9fcf41ad7bda505cd1006c27146e606622c1066305914f20ed71b81815cb723f5055b4e048c9a2dd226690aaae6fdea3532c13b7150a2f069bb61a3
-  data.tar.gz: 10af4779c8efbdae7804759951b5a8eadf2503ff569ab8504867fe8c2619fccf83b12af81cd3eb6145bb9c26cf6594ce6268f0c9251ecb83356b182d62061590
+  metadata.gz: 025a923fbf1887acbb95ad67f4ce99ab20ed65d689d02aedd73cc70d8d558b974c159673e53e4db724cc6efe21c536a811a2c5b1c86eb9d9bf53cf9fc4382318
+  data.tar.gz: a46e7e0194fa0e7336fe54c67f3c2da9294aaf3ae5e00a31fa9561d97191e63e806b2514853736cd8fc9a81eefc782a4c6e04837e063e716a0838b1e0d11c677

data/README.md CHANGED Viewed

@@ -336,15 +336,22 @@ Run `ruby examples/sample-client/sample_client.rb` on your terminal to run the s
 RPC service is benchmarked using [`ghz`](https://ghz.sh), a powerful CLI-based tool for load testing and benchmarking gRPC services. More details added [here](https://gitlab.com/gitlab-org/gitlab/-/work_items/468107).
-## Project Status
+## Release Process
-Secret Detection service's status can be tracked here: https://gitlab.com/gitlab-org/gitlab/-/issues/467531
+We do three primary actions for every merge to `main` branch:
-#### Changes made in the secret detection logic that were previously not present in the Gem
+- **Build and Publish SD ruby gem to RubyGems.org**:
+  - The latest version for releasing Secret Detection gem is pulled from `Gitlab::SecretDetection::Gem::VERSION` (located at`lib/gitlab/secret_detection/version.rb`).
+  - We build a ruby gem for the code snapshot and tag it to the extract release version.
+  - The script for publising the gem to RubyGems.org is available [here](ci/scripts/publish_ruby_gem.sh).
-- [Gitlab::SecretDetection::Core::Scanner#initialize(...)](lib/gitlab/secret_detection/core/scanner.rb): To reuse the logic of ruleset parsing from a file source, we parse the ruleset file at once and pass the parsed rules around. So,
-the `initialize()` method now accepts parsed rules instead of ruleset file path
-- [Gitlab::SecretDetection::Core::Status](lib/gitlab/secret_detection/core/status.rb): `NOT_FOUND` status moved from `0` to `7` since
-gRPC reserves `0` for enums. We need to reflect this change on the Rails side too
-- [Gitlab::SecretDetection::Core::Scanner#scan(...)](lib/gitlab/secret_detection/core/scanner.rb): Introduced `rule_exclusions`, `raw_value_exclusions` and `tags` args to `scan(..)`
-method to suport [exclusions](https://gitlab.com/groups/gitlab-org/-/epics/14315) feature.
+- **Deploy SD gRPC server to GCP using Runway**:
+  - We build a docker container for the current code snapshot and tag it under `$CI_REGISTRY_IMAGE/image:$CI_COMMIT_SHORT_SHA` container registry path.
+  - The same container registry path is given as input to the Runway CI downstream which takes it forward for deploying in Staging and Production environments.
+- **Make a GitLab Release**:
+  - We use a modified version of [`upsert git tag`](https://gitlab.com/gitlab-org/security-products/ci-templates/-/blob/master/includes-dev/upsert-git-tag.ym) job where instead of fetching the version from the first changelog entry, we fetch it from `Gitlab::SecretDetection::Gem::VERSION`. The rest of the behaviour is retained i.e., creating a tag from the version and then creating a new GitLab release against that tag.
+  - The job pulls the description of the latest version entry from the [`CHANGELOG.md`](CHANGELOG.md) and uses it for the Release description.
+  - The script for creating a git tag and making GitLab release is available [here](ci/scripts/make_gitlab_release.sh).
+*NOTE: There is no logical requirement for the versions defined in `Gitlab::SecretDetection::Gem::VERSION` and latest entry of `CHANGELOG.md` to be the same. However, we expect them to be the same to keep it consistent. We've added a CI job([`validate version sync`](ci/templates/validate.yml)) that ensures the version sync between them.*

data/lib/gitlab/secret_detection/version.rb CHANGED Viewed

@@ -3,12 +3,9 @@
 module Gitlab
   module SecretDetection
     class Gem
-      # TODO: This is a temporary fix to avoid runtime issues
-      # More details are available here:
-      #  https://gitlab.com/gitlab-org/gitlab/-/issues/514015
-      #
       # Ensure to maintain the same version in CHANGELOG file.
-      VERSION = "0.20.7"
+      # More details available under 'Release Process' section in the README.md file.
+      VERSION = "0.20.8"
       # SD_ENV env var is used to determine which environment the
       # server is running. This var is defined in `.runway/env-<env>.yml` files.

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-secret_detection
 version: !ruby/object:Gem::Version
-  version: 0.20.7
+  version: 0.20.8
 platform: ruby
 authors:
 - group::secret detection
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-03-13 00:00:00.000000000 Z
+date: 2025-03-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc