1. Proposed title of this feature request

RHACS should detect secrets

2. What is the nature and description of the request?

RHACS customers can currently create a custom policy to the match the regex of environment variables.   However, this customer is requesting the ability to detect the actual secret as a secret and then alert the customer.   Further, they are aware that this can be accomplished with Gatekeeper Operator, but they prefer that RHACS detect the secret rather than Gatekeeper or another integration. 

3. Why does the customer need this? (List the business requirements here)

• A security tool like RHACS should detect the presence of secrets.
• They do not want to integrate with Gatekeeper Operator

The customer stated: 

Our requirement is the tools should intelligently identify if the stored environment variable is an actual secret. Like on gatekeeper it was checking for password length for example. there should be many such tricks for finding whether it's an actual password. And if it is implemented as part of ACS policies it would be better.

4. List any affected packages or components.

RHACS secrets