diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 0338c912b533307bfd8c00738d5359bf67b40462..71ad747b6b1da3e3e3b922a44ab43ba77d568dc9 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -228,7 +228,16 @@ def housekeeping :eager end - ::Repositories::HousekeepingService.new(@project, task).execute + ::Repositories::HousekeepingService.new(@project, task).execute do + ::Gitlab::Audit::Auditor.audit( + name: 'manually_trigger_housekeeping', + author: current_user, + scope: @project, + target: @project, + message: "Housekeeping task: #{task}", + created_at: DateTime.current + ) + end redirect_to( project_path(@project), diff --git a/config/audit_events/types/manually_trigger_housekeeping.yml b/config/audit_events/types/manually_trigger_housekeeping.yml new file mode 100644 index 0000000000000000000000000000000000000000..70c9818d8e80f8c12c90c4711b70bdc8899e66eb --- /dev/null +++ b/config/audit_events/types/manually_trigger_housekeeping.yml @@ -0,0 +1,9 @@ +--- +name: manually_trigger_housekeeping +description: Triggered when manually triggering housekeeping via api or admin UI +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/390761 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/112095 +feature_category: source_code_management +milestone: '15.9' +saved_to_database: true +streamed: true diff --git a/lib/api/projects.rb b/lib/api/projects.rb index 36c132fdc100599c2395a09f7876ecc62eee8d6e..6eea56ea117f72985493188ccb65dc45b208ad18 100644 --- a/lib/api/projects.rb +++ b/lib/api/projects.rb @@ -875,7 +875,16 @@ def add_import_params(params) authorize_admin_project begin - ::Repositories::HousekeepingService.new(user_project, params[:task]).execute + ::Repositories::HousekeepingService.new(user_project, params[:task]).execute do + ::Gitlab::Audit::Auditor.audit( + name: 'manually_trigger_housekeeping', + author: current_user, + scope: user_project, + target: user_project, + message: "Housekeeping task: #{params[:task]}", + created_at: DateTime.current + ) + end rescue ::Repositories::HousekeepingService::LeaseTaken => error conflict!(error.message) end diff --git a/spec/controllers/projects_controller_spec.rb b/spec/controllers/projects_controller_spec.rb index c0c5dcfe21d783971f9e283f04ed1810fdb10711..cf87b2c443738d1c17b47c24058f76a8dac595cc 100644 --- a/spec/controllers/projects_controller_spec.rb +++ b/spec/controllers/projects_controller_spec.rb @@ -664,6 +664,20 @@ def get_show expect(response).to have_gitlab_http_status(:found) end + it 'logs an audit event' do + expect(housekeeping).to receive(:execute).once.and_yield + + expect(::Gitlab::Audit::Auditor).to receive(:audit).with(a_hash_including( + name: 'manually_trigger_housekeeping', + author: user, + scope: project, + target: project, + message: "Housekeeping task: eager" + )) + + subject + end + context 'and requesting prune' do let(:prune) { true } diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb index 9a481c524e2ec7998d1f53ca4cad585604492fa8..e78ef2f763028dc790df5f15537dc77c217e7ff4 100644 --- a/spec/requests/api/projects_spec.rb +++ b/spec/requests/api/projects_spec.rb @@ -4719,6 +4719,9 @@ def failure_message(diff) describe 'POST /projects/:id/housekeeping' do let(:housekeeping) { Repositories::HousekeepingService.new(project) } + let(:params) { {} } + + subject { post api("/projects/#{project.id}/housekeeping", user), params: params } before do allow(Repositories::HousekeepingService).to receive(:new).with(project, :eager).and_return(housekeeping) @@ -4728,26 +4731,45 @@ def failure_message(diff) it 'starts the housekeeping process' do expect(housekeeping).to receive(:execute).once - post api("/projects/#{project.id}/housekeeping", user) + subject expect(response).to have_gitlab_http_status(:created) end + it 'logs an audit event' do + expect(housekeeping).to receive(:execute).once.and_yield + expect(::Gitlab::Audit::Auditor).to receive(:audit).with(a_hash_including( + name: 'manually_trigger_housekeeping', + author: user, + scope: project, + target: project, + message: "Housekeeping task: eager" + )) + + subject + end + context 'when requesting prune' do + let(:params) { { task: :prune } } + it 'triggers a prune' do expect(Repositories::HousekeepingService).to receive(:new).with(project, :prune).and_return(housekeeping) expect(housekeeping).to receive(:execute).once - post api("/projects/#{project.id}/housekeeping", user), params: { task: :prune } + subject expect(response).to have_gitlab_http_status(:created) end end context 'when requesting an unsupported task' do + let(:params) { { task: :unsupported_task } } + it 'responds with bad_request' do expect(Repositories::HousekeepingService).not_to receive(:new) - post api("/projects/#{project.id}/housekeeping", user), params: { task: :unsupported_task } + + subject + expect(response).to have_gitlab_http_status(:bad_request) end end @@ -4756,7 +4778,7 @@ def failure_message(diff) it 'returns conflict' do expect(housekeeping).to receive(:execute).once.and_raise(Repositories::HousekeepingService::LeaseTaken) - post api("/projects/#{project.id}/housekeeping", user) + subject expect(response).to have_gitlab_http_status(:conflict) expect(json_response['message']).to match(/Somebody already triggered housekeeping for this resource/)