Represents an artifact archive produced by a CI/CD job. Artifacts are ZIP archives uploaded by the runner at the end of a job and stored by GitLab. They can contain build outputs, test results, deployment packages, compiled binaries, configuration files, or any other files produced during a pipeline run. Artifacts may contain credentials or secrets if a job writes sensitive environment variables to files.
When secret scanning is performed during enrichment, GL_ContainsCredentialsFor edges are added to GL_LeakedSecret nodes for any credentials found in the archive. If a secret value looks like a GitLab PAT, an additional GL_IsToken edge is created from the GL_LeakedSecret node to the corresponding GL_AccessToken node.
| Property Name | Data Type | Description |
|---|---|---|
| name | string | Artifact archive filename (e.g., artifacts.zip) |
| size | integer | Archive size in bytes |
| files | string[] | List of files contained within the artifact archive |
flowchart TD
GL_Job[fa:fa-gear GL_Job]
GL_JobArtifact[fa:fa-file-zipper GL_JobArtifact]
GL_LeakedSecret[fa:fa-key GL_LeakedSecret]
GL_Job -.->|GL_Produced| GL_JobArtifact
GL_JobArtifact -->|GL_ContainsCredentialsFor| GL_LeakedSecret