Secret detection exclusions
- Tier: Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
Secret detection may detect something that’s not actually a secret. For example, if you use a fake value as a placeholder in your code, it might be detected and possibly blocked.
To avoid false positives you can exclude from secret detection:
- A path.
- A raw value.
- A rule from the default ruleset
You can define multiple exclusions for a project.
Restrictions
The following restrictions apply:
- Exclusions can only be defined for each project.
- Exclusions apply only to secret push protection.
- The maximum number of path-based exclusions per project is 10.
- The maximum depth for path-based exclusions is 20.
For an overview, see Secret Detection Exclusions - Demonstration.
Add an exclusion
Define an exclusion to avoid false positives from secret detection.
Path exclusions support glob patterns which are supported and interpreted with the Ruby method
File.fnmatch
with the flags
File::FNM_PATHNAME | File::FNM_DOTMATCH | File::FNM_EXTGLOB
.
Prerequisites:
- You must have the Maintainer role for the project.
To define an exclusion:
- In the left sidebar, select Search or go to and go to your project or group.
- Select Secure > Security configuration.
- Scroll down to Secret push protection.
- Turn on the Secret push protection toggle.
- Select Configure Secret Detection ( ).
- Select Add exclusion to open the exclusion form.
- Enter the details of the exclusion, then select Add exclusion.
Docs
Edit this page to fix an error or add an improvement in a merge request.
Create an issue to suggest an improvement to this page.
Product
Create an issue if there's something you don't like about this feature.
Propose functionality by submitting a feature request.
Feature availability and product trials
View pricing to see all GitLab tiers and features, or to upgrade.
Try GitLab for free with access to all features for 30 days.
Get help
If you didn't find what you were looking for, search the docs.
If you want help with something specific and could use community support, post on the GitLab forum.
For problems setting up or using this feature (depending on your GitLab subscription).
Request support