Turn Your Vehicle Into a Smart Earning Asset

While you’re not driving your car or bike, it can still be working for you. MOTOSHARE helps you earn passive income by connecting your vehicle with trusted renters in your city.

🚗 You set the rental price
🔐 Secure bookings with verified renters
📍 Track your vehicle with GPS integration
💰 Start earning within 48 hours

Join as a Partner Today

It’s simple, safe, and rewarding. Your vehicle. Your rules. Your earnings.

Uncategorised

Gitlab FAQ

May 28, 2025 Leave a Comment

Security

GitLab does not provide true file-level access control (like “only Alice can read secrets.yml”) — but it does provide tools to restrict access and prevent exposure of sensitive files using:

✅ What You Can Do in GitLab (SaaS and Self-managed)

1. ✅ Push Rules for Sensitive Files

  • Prevent commits that contain secrets, keys, passwords, or specific file names.
  • Configure under:
    Settings → Repository → Push Rules

Example:

  • Reject commits with .env or *.pem files:
Forbidden file names: ^(.env|.*\.pem)$
  • Reject commits with AWS keys using regex:
Secret detection regex: AKIA[0-9A-Z]{16}

2. ✅ Protected Branches

  • Prevent unauthorized push/merge to sensitive branches like main, release, etc.
  • Set under:
    Settings → Repository → Protected Branches

3. ✅ Code Owners for Sensitive Files

  • Define ownership for sensitive files using a CODEOWNERS file.
  • Prevent changes to specific paths unless approved by listed owners.

Example:

/secrets/*  @devops-lead @security-team
Code language: PHP (php)

4. ✅ Secret Detection (SAST/Static Scanning)

  • GitLab CI/CD automatically scans for hardcoded secrets and keys.
  • Available in GitLab Ultimate and in some parts of Premium.
  • Found under: Security & Compliance → Vulnerability Report

5. ✅ File Pattern Merge Request Rules (Paid)

  • Use merge request approval rules for changes to specific file paths (e.g., secrets, configs).

Example:

Rule: If /infra/keys/* is changed → require @security-team to approve
Code language: PHP (php)

❌ What You Cannot Do Directly in GitLab

FeatureGitLab Status
Per-file access control (ACL-style)❌ Not supported
Per-user permission to view/edit specific files❌ Not supported
Encryption-at-rest per file inside repo❌ Not native (requires external tools)

🔐 Recommended Best Practices

GoalGitLab Feature to Use
Prevent secrets in repoPush rules + Secret detection + .gitignore
Limit merge to sensitive filesCODEOWNERS + Approval Rules
Block commits with unsafe patternsPush Rules + Pre-commit Hooks (externally)
Enforce audits of sensitive changesMerge request rules with approval

Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments

Certification Courses

DevOpsSchool has introduced a series of professional certification courses designed to enhance your skills and expertise in cutting-edge technologies and methodologies. Whether you are aiming to excel in development, security, or operations, these certifications provide a comprehensive learning experience. Explore the following programs:

DevOps Certification, SRE Certification, and DevSecOps Certification by DevOpsSchool

Explore our DevOps Certification, SRE Certification, and DevSecOps Certification programs at DevOpsSchool. Gain the expertise needed to excel in your career with hands-on training and globally recognized certifications.

0
Would love your thoughts, please comment.x
()
x