Merge branch 'bump-version-to-7' into 'main'

Bump version to 7

See merge request components/secret-detection!10

.gitlab-ci.yml

@@ -1,5 +1,5 @@
 include:
-  component: gitlab.com/$CI_PROJECT_PATH/secret-detection@$CI_COMMIT_SHA
+  component: $CI_SERVER_FQDN/$CI_PROJECT_PATH/secret-detection@$CI_COMMIT_SHA
 
 stages: [test, release]
 
@@ -14,11 +14,13 @@ ensure-job-added:
   script:
     - echo "Expect that a job named 'secret_detection' is added to the pipeline"
     - |
-      route="https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/pipelines/$CI_PIPELINE_ID/jobs"
+      route="$CI_API_V4_URL/projects/$CI_PROJECT_ID/pipelines/$CI_PIPELINE_ID/jobs"
       count=`curl --silent $route | jq 'map(select(.name | contains("secret_detection"))) | length'`
       if [ "$count" != "1" ]; then
         exit 1
       fi
+  rules:
+    - if: ($CI_COMMIT_BRANCH || $CI_COMMIT_TAG) && $CI_SERVER_HOST =~ /gitlab.com/
 
 # Ensure that a project description exists, because it will be important to display
 # the resource in the catalog.
@@ -26,7 +28,7 @@ check-description:
   image: badouralix/curl-jq
   script:
     - |
-      route="https://gitlab.com/api/v4/projects/$CI_PROJECT_ID"
+      route="$CI_API_V4_URL/projects/$CI_PROJECT_ID"
       desc=`curl --silent $route | jq '.description'`
       if [ "$desc" = "null" ]; then
         echo "Description not set. Please set a projet description"
@@ -34,6 +36,8 @@ check-description:
       else
         echo "Description set"
       fi
+  rules:
+    - if: $CI_SERVER_HOST =~ /gitlab.com/
 
 # Ensure that a `README.md` exists in the root directory as it represents the
 # documentation for the whole components repository.

CODEOWNERS

@@ -0,0 +1 @@
+* @gitlab-org/secure/secret-detection

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023 GitLab Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -40,7 +40,7 @@ This assumes `SECRET_DETECTION_DISABLED` variable is already defined in `.gitlab
 | ----- | ------------- | ----------- |
 | `stage` | `test` | The stage where you want the job to be added. |
 | `image_prefix` | `$CI_TEMPLATE_REGISTRY_HOST/security-products` | Override the name of the Docker registry providing the default images (proxy). |
-| `image_tag` | `5` | Override the default version of the `secrets` analyzer image. |
+| `image_tag` | `7` | Override the default version of the `secrets` analyzer image. |
 | `image_suffix` | `""` | Suffix added to the image name. If set to -fips, [FIPS-enabled images](https://docs.gitlab.com/ee/user/application_security/secret_detection/#use-fips-enabled-images) are used for scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/355519) in GitLab 14.10. |
 
 ### Variables

templates/secret-detection.yml

@@ -5,7 +5,7 @@ spec:
     image_prefix:
       default: "$CI_TEMPLATE_REGISTRY_HOST/security-products"
     image_tag:
-      default: '6'
+      default: '7'
     image_suffix:
       default: ""
 ---