If you have advanced security enabled, you cannot import to ADO because there is a file with an ACR secret one of the commits
Closed this issue · 6 comments
Oops! Your import of https://github.com/MicrosoftLearning/eShopOnWeb repository failed due to VS403654: The push was rejected because it contains one or more secrets. Resolve the following secrets before pushing again. For help, see https://aka.ms/advancedsecurity/secret-scanning/push-protection. Secrets: commit: ca1b827 paths: /.github/workflows/docker-image.yml(31,23-75) : SEC101/176 : AzureContainerRegistryIdentifiableKey.
That commit belongs to a fork, how is this affecting this repo? any ideas @rob-foulkrod ?
PS: I just imported the repo with no issues on my Azure DevOps, @sayedimac do you have a particular app or extensions installed?
I can reproduce the error. Looks like they have started adding secret push protection in the import process. So, learners who have configured Advanced security AND have enabled 'Automatically enable Advanced Security for new projects' they will be hit with this.
It can be solved by disabling the Auto enable prior to import or disabling Advanced Security once they have received this message.
Now the question becomes keeping or removing the secret. Thoughts?
@yashints Well not really anything fancy that will stop this except I think it is the advanced security that is preventing this from happening. I might Fork the repo (tip) and import from there because it looks like the file was in an older commit and has been updated/removed.
Either way - here are my extensions:
Why can't I see the secret in the codebase? My understanding was it was part of a fork and not this repo
I've tested and imported the repository multiple times for the updates I'm working on, even in repositories with GHAS, and I can't reproduce the issue. I'm closing the issue for now, but please let me know if it becomes a problem again. Thanks!