Secrets Detection in Gitlab CI/CD

I’m having some troubles understanding how to activate Secrets Detection in Gitlab CI/CD. I created a new NodeJS Express from template and then i activated auto-devops from Settings > CI/CD and checked the checkbox Default to Auto Devops pipeline under the Auto Devops Menu. After that i opened the app.js file in the project folder and inserted a variable that looks like a key-value. Here’s the piece of code where i inserted the line:

var app = express();

var key = "api-12321321321321321";

// view engine setup
app.set('views', path.join(__dirname, 'views'));

After committing the changes i expected the pipeline to fail because of the leak of the secret. Here’s an images that shows that secret dection passed.

Can anyone tell me how to make so that the pipeline reports the error?

1 Like