GitLab Compliance - Hands-On Lab: Scan Execution Policies

This Hands-On Guide walks you through enabling and using Scan Execution Policies in your projects.

Estimated time to complete: 15 minutes

Objectives

Scan execution policies allow you to run security scans against projects and groups in a consistent manner. In this lab, you will learn how to add a scan execution policy to your project.

Task A. Create a scan execution policy

  1. In the left sidebar, select Secure > Policies.

  2. Select New policy.

  3. Under Scan execution policy, select Select policy.

  4. In the name, input run scan.

  5. In the Actions, set the scan to run a Secret Detection scan. Leave all action configurations at default.

  6. In the Conditions section, set to Triggers: for all branches with No exceptions.

  7. Select Configure with a Merge Request.

  8. Select Merge.

Task B. Testing your scan execution policy

  1. Navigate back to your Compliance Project project.

  2. Select + > New file.

  3. Enter anything for the Filename and file contents.

  4. Select Commit changes.

  5. Select Create Merge Request.

  6. Review the Merge Request pipeline. Note that there is now a secret detection scan job.

Lab Guide Complete

You have completed this lab exercise. You can view the other lab guides for this course.

Suggestions?

If you wish to make a change to the lab, please submit your changes via Merge Request.

Last modified October 23, 2025: Update Suggestions to be Uniform (0c39f0dd)
View page source - Edit this page - please contribute. Creative Commons License