From 31eec92bfb68a714f096655d3a2b90e11973c685 Mon Sep 17 00:00:00 2001 From: sameer shaik Date: Wed, 18 Oct 2023 16:30:30 +0000 Subject: [PATCH 1/7] Add ssh audit events Log audit event for SSH certficate create and delete actions Changelog: added MR: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556 EE: true --- .../groups/ssh_certificates/create_service.rb | 7 ++-- .../ssh_certificates/destroy_service.rb | 7 ++-- .../groups/ssh_certificates/create_service.rb | 33 +++++++++++++++++ .../ssh_certificates/destroy_service.rb | 36 +++++++++++++++++++ .../types/create_ssh_certificate.yml | 9 +++++ .../types/delete_ssh_certificate.yml | 9 +++++ ee/lib/ee/api/groups.rb | 4 +-- .../ssh_certificates/create_service_spec.rb | 28 ++++++++++++++- .../ssh_certificates/destroy_service_spec.rb | 33 ++++++++++++++--- 9 files changed, 155 insertions(+), 11 deletions(-) create mode 100644 ee/app/services/ee/groups/ssh_certificates/create_service.rb create mode 100644 ee/app/services/ee/groups/ssh_certificates/destroy_service.rb create mode 100644 ee/config/audit_events/types/create_ssh_certificate.yml create mode 100644 ee/config/audit_events/types/delete_ssh_certificate.yml diff --git a/app/services/groups/ssh_certificates/create_service.rb b/app/services/groups/ssh_certificates/create_service.rb index 6890901c306d0c..c2f1a5a0d9630d 100644 --- a/app/services/groups/ssh_certificates/create_service.rb +++ b/app/services/groups/ssh_certificates/create_service.rb @@ -3,9 +3,10 @@ module Groups module SshCertificates class CreateService - def initialize(group, params) + def initialize(group, params, current_user) @group = group @params = params + @current_user = current_user end def execute @@ -41,7 +42,7 @@ def execute private - attr_reader :group, :params + attr_reader :group, :params, :current_user def generate_fingerprint(key) Gitlab::SSHPublicKey.new(key).fingerprint_sha256&.delete_prefix('SHA256:') @@ -49,3 +50,5 @@ def generate_fingerprint(key) end end end + +Groups::SshCertificates::CreateService.prepend_mod_with('Groups::SshCertificates::CreateService') # rubocop: disable Cop/InjectEnterpriseEditionModule diff --git a/app/services/groups/ssh_certificates/destroy_service.rb b/app/services/groups/ssh_certificates/destroy_service.rb index 7a450d5bee67f7..a28db28131fd2f 100644 --- a/app/services/groups/ssh_certificates/destroy_service.rb +++ b/app/services/groups/ssh_certificates/destroy_service.rb @@ -3,9 +3,10 @@ module Groups module SshCertificates class DestroyService - def initialize(group, params) + def initialize(group, params, current_user) @group = group @params = params + @current_user = current_user end def execute @@ -29,7 +30,9 @@ def execute private - attr_reader :group, :params + attr_reader :group, :params, :current_user end end end + +Groups::SshCertificates::DestroyService.prepend_mod_with('Groups::SshCertificates::DestroyService') diff --git a/ee/app/services/ee/groups/ssh_certificates/create_service.rb b/ee/app/services/ee/groups/ssh_certificates/create_service.rb new file mode 100644 index 00000000000000..7479708da4c869 --- /dev/null +++ b/ee/app/services/ee/groups/ssh_certificates/create_service.rb @@ -0,0 +1,33 @@ +# frozen_string_literal: true + +module EE + module Groups + module SshCertificates + module CreateService + extend ::Gitlab::Utils::Override + + override :execute + def execute + response = super + log_audit_event(response.payload) if response.success? + response + end + + private + + def log_audit_event(ssh_certificate) + audit_context = { + name: "create_ssh_certificate", + author: current_user, + scope: group, + target: ssh_certificate, + target_details: ssh_certificate.title, + message: "Created SSH certificate with id #{ssh_certificate.id} and title #{ssh_certificate.title}" + } + + ::Gitlab::Audit::Auditor.audit(audit_context) + end + end + end + end +end diff --git a/ee/app/services/ee/groups/ssh_certificates/destroy_service.rb b/ee/app/services/ee/groups/ssh_certificates/destroy_service.rb new file mode 100644 index 00000000000000..4495ec06dfd1ea --- /dev/null +++ b/ee/app/services/ee/groups/ssh_certificates/destroy_service.rb @@ -0,0 +1,36 @@ +# frozen_string_literal: true + +module EE + module Groups + module SshCertificates + module DestroyService + extend ::Gitlab::Utils::Override + + override :execute + def execute + ssh_certificate = group.ssh_certificates.find(params[:ssh_certificates_id]) + return ServiceResponse.error(message: 'SSH Certificate not found', reason: :not_found) unless ssh_certificate + + response = super + log_audit_event(ssh_certificate) if response.success? + response + end + + private + + def log_audit_event(ssh_certificate) + audit_context = { + name: "delete_ssh_certificate", + author: current_user, + scope: group, + target: ssh_certificate, + target_details: ssh_certificate.title, + message: "Deleted SSH certificate with id #{ssh_certificate.id} and title #{ssh_certificate.title}" + } + + ::Gitlab::Audit::Auditor.audit(audit_context) + end + end + end + end +end diff --git a/ee/config/audit_events/types/create_ssh_certificate.yml b/ee/config/audit_events/types/create_ssh_certificate.yml new file mode 100644 index 00000000000000..fef346046e45e9 --- /dev/null +++ b/ee/config/audit_events/types/create_ssh_certificate.yml @@ -0,0 +1,9 @@ +--- +name: create_ssh_certificate +description: Event triggered on ssh certificate create action +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/427413 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556 +feature_category: "groups_and_projects" +milestone: "16.5" +saved_to_database: true +streamed: true diff --git a/ee/config/audit_events/types/delete_ssh_certificate.yml b/ee/config/audit_events/types/delete_ssh_certificate.yml new file mode 100644 index 00000000000000..b2fdccd5e066bd --- /dev/null +++ b/ee/config/audit_events/types/delete_ssh_certificate.yml @@ -0,0 +1,9 @@ +--- +name: delete_ssh_certificate +description: Event triggered on ssh certificate delete action +introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/427413 +introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556 +feature_category: "groups_and_projects" +milestone: "16.5" +saved_to_database: true +streamed: true diff --git a/ee/lib/ee/api/groups.rb b/ee/lib/ee/api/groups.rb index f754e3626a45e3..5957cbba083cdf 100644 --- a/ee/lib/ee/api/groups.rb +++ b/ee/lib/ee/api/groups.rb @@ -292,7 +292,7 @@ def delete_group(group) check_ssh_certificate_available_to_group(group) - response = ::Groups::SshCertificates::CreateService.new(group, params).execute + response = ::Groups::SshCertificates::CreateService.new(group, params, current_user).execute if response.success? present response.payload, with: EE::API::Entities::SshCertificate else @@ -316,7 +316,7 @@ def delete_group(group) check_ssh_certificate_available_to_group(group) - response = ::Groups::SshCertificates::DestroyService.new(group, params).execute + response = ::Groups::SshCertificates::DestroyService.new(group, params, current_user).execute if response.success? no_content! diff --git a/ee/spec/services/groups/ssh_certificates/create_service_spec.rb b/ee/spec/services/groups/ssh_certificates/create_service_spec.rb index d8fb4272204cdb..fc73c1fe899a47 100644 --- a/ee/spec/services/groups/ssh_certificates/create_service_spec.rb +++ b/ee/spec/services/groups/ssh_certificates/create_service_spec.rb @@ -4,10 +4,11 @@ RSpec.describe Groups::SshCertificates::CreateService, '#execute', feature_category: :groups_and_projects do let_it_be(:group, reload: true) { create(:group) } + let_it_be(:current_user) { create(:admin) } let(:title) { 'Title 1' } let(:key) { generate_key } let(:ssh_certificate_params) { { title: title, key: key } } - let(:service) { described_class.new(group, ssh_certificate_params) } + let(:service) { described_class.new(group, ssh_certificate_params, current_user) } context 'when group and params are provided' do it 'succeeds' do @@ -49,6 +50,31 @@ end end + context 'when creating an SSH certificate' do + it_behaves_like 'audit event logging' do + let(:operation) { service.execute } + let(:attributes) do + { + author_id: current_user.id, + entity_id: group.id, + entity_type: 'Group', + details: { + author_class: 'User', + author_name: current_user.name, + custom_message: "Created SSH certificate with id #{group.ssh_certificates.first.id} and title #{title}", + target_details: group.ssh_certificates.first.title, + target_id: group.ssh_certificates.first.id, + target_type: 'Groups::SshCertificate' + } + } + end + + def fail_condition! + allow(group.ssh_certificates).to receive(:create!).and_raise(ActiveRecord::RecordInvalid) + end + end + end + def generate_key SSHData::PrivateKey::RSA.generate( ::Gitlab::SSHPublicKey.supported_sizes(:rsa).min, unsafe_allow_small_key: true diff --git a/ee/spec/services/groups/ssh_certificates/destroy_service_spec.rb b/ee/spec/services/groups/ssh_certificates/destroy_service_spec.rb index af06b135ce70bb..402a0fd194e4d8 100644 --- a/ee/spec/services/groups/ssh_certificates/destroy_service_spec.rb +++ b/ee/spec/services/groups/ssh_certificates/destroy_service_spec.rb @@ -3,11 +3,11 @@ require 'spec_helper' RSpec.describe Groups::SshCertificates::DestroyService, '#execute', feature_category: :groups_and_projects do - let_it_be(:ssh_certificate) { create(:group_ssh_certificate) } - let_it_be(:group, reload: true) { create(:group, ssh_certificates: [ssh_certificate]) } - + let_it_be(:group) { create(:group) } + let_it_be(:current_user) { create(:admin) } + let_it_be(:ssh_certificate) { create(:group_ssh_certificate, group: group) } let(:ssh_certificate_params) { { ssh_certificates_id: ssh_certificate.id } } - let(:service) { described_class.new(group, ssh_certificate_params) } + let(:service) { described_class.new(group, ssh_certificate_params, current_user) } context 'when group and params are provided' do it 'succeeds' do @@ -36,4 +36,29 @@ expect(response.errors.first).to eq("SSH Certificate not found") end end + + context 'when deleting an SSH certificate' do + it_behaves_like 'audit event logging' do + let(:operation) { service.execute } + let(:attributes) do + { + author_id: current_user.id, + entity_id: group.id, + entity_type: 'Group', + details: { + author_class: 'User', + author_name: current_user.name, + custom_message: "Deleted SSH certificate with id #{ssh_certificate.id} and title #{ssh_certificate.title}", + target_details: ssh_certificate.title, + target_id: ssh_certificate.id, + target_type: 'Groups::SshCertificate' + } + } + end + + def fail_condition! + allow(group.ssh_certificates).to receive(:find).and_raise(ActiveRecord::RecordNotFound) + end + end + end end -- GitLab From 4915ca45582f4abbd2cbf4cc27ce48e5b261ae4e Mon Sep 17 00:00:00 2001 From: sameer shaik Date: Thu, 19 Oct 2023 14:11:11 +0000 Subject: [PATCH 2/7] Refine audit event specs Log audit event for ssh certficate create and delete actions Changelog: added MR: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556 EE: true --- app/services/groups/ssh_certificates/create_service.rb | 2 +- app/services/groups/ssh_certificates/destroy_service.rb | 2 +- .../audit_event_streaming/audit_event_types.md | 2 ++ .../ee/groups/ssh_certificates/destroy_service.rb | 8 +++----- ee/config/audit_events/types/create_ssh_certificate.yml | 2 +- ee/config/audit_events/types/delete_ssh_certificate.yml | 2 +- .../groups/ssh_certificates/destroy_service_spec.rb | 4 ++-- 7 files changed, 11 insertions(+), 11 deletions(-) diff --git a/app/services/groups/ssh_certificates/create_service.rb b/app/services/groups/ssh_certificates/create_service.rb index c2f1a5a0d9630d..e45700783959e2 100644 --- a/app/services/groups/ssh_certificates/create_service.rb +++ b/app/services/groups/ssh_certificates/create_service.rb @@ -51,4 +51,4 @@ def generate_fingerprint(key) end end -Groups::SshCertificates::CreateService.prepend_mod_with('Groups::SshCertificates::CreateService') # rubocop: disable Cop/InjectEnterpriseEditionModule +Groups::SshCertificates::CreateService.prepend_mod_with('Groups::SshCertificates::CreateService') diff --git a/app/services/groups/ssh_certificates/destroy_service.rb b/app/services/groups/ssh_certificates/destroy_service.rb index a28db28131fd2f..5f7bba12878b35 100644 --- a/app/services/groups/ssh_certificates/destroy_service.rb +++ b/app/services/groups/ssh_certificates/destroy_service.rb @@ -13,7 +13,7 @@ def execute ssh_certificate = group.ssh_certificates.find(params[:ssh_certificates_id]) ssh_certificate.destroy! - ServiceResponse.success + ServiceResponse.success(payload: { ssh_certificate: ssh_certificate }) rescue ActiveRecord::RecordNotFound ServiceResponse.error( diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index 2d1249e2b6c5e7..8782474bc0b036 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md @@ -228,6 +228,8 @@ Audit event types belong to the following product categories. | Name | Description | Saved to database | Streamed | Introduced in | |:-----|:------------|:------------------|:---------|:--------------| +| [`create_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on ssh certificate create action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.5](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | +| [`delete_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on ssh certificate delete action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.5](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | | [`group_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/121005) | Event triggered when a group is created.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/issues/411595) | | [`group_lfs_enabled_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106079) | Event triggered when a groups lfs enabled is updated.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369323) | | [`group_membership_lock_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106079) | Event triggered when a groups membership lock is updated.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369323) | diff --git a/ee/app/services/ee/groups/ssh_certificates/destroy_service.rb b/ee/app/services/ee/groups/ssh_certificates/destroy_service.rb index 4495ec06dfd1ea..0b7c849bd5180e 100644 --- a/ee/app/services/ee/groups/ssh_certificates/destroy_service.rb +++ b/ee/app/services/ee/groups/ssh_certificates/destroy_service.rb @@ -8,17 +8,15 @@ module DestroyService override :execute def execute - ssh_certificate = group.ssh_certificates.find(params[:ssh_certificates_id]) - return ServiceResponse.error(message: 'SSH Certificate not found', reason: :not_found) unless ssh_certificate - response = super - log_audit_event(ssh_certificate) if response.success? + log_audit_event(response.payload[:ssh_certificate]) if response.success? response end - + private def log_audit_event(ssh_certificate) + audit_context = { name: "delete_ssh_certificate", author: current_user, diff --git a/ee/config/audit_events/types/create_ssh_certificate.yml b/ee/config/audit_events/types/create_ssh_certificate.yml index fef346046e45e9..359dc825f23509 100644 --- a/ee/config/audit_events/types/create_ssh_certificate.yml +++ b/ee/config/audit_events/types/create_ssh_certificate.yml @@ -4,6 +4,6 @@ description: Event triggered on ssh certificate create action introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/427413 introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556 feature_category: "groups_and_projects" -milestone: "16.5" +milestone: "16.6" saved_to_database: true streamed: true diff --git a/ee/config/audit_events/types/delete_ssh_certificate.yml b/ee/config/audit_events/types/delete_ssh_certificate.yml index b2fdccd5e066bd..a38792ccc5fbe3 100644 --- a/ee/config/audit_events/types/delete_ssh_certificate.yml +++ b/ee/config/audit_events/types/delete_ssh_certificate.yml @@ -4,6 +4,6 @@ description: Event triggered on ssh certificate delete action introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/427413 introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556 feature_category: "groups_and_projects" -milestone: "16.5" +milestone: "16.6" saved_to_database: true streamed: true diff --git a/ee/spec/services/groups/ssh_certificates/destroy_service_spec.rb b/ee/spec/services/groups/ssh_certificates/destroy_service_spec.rb index 402a0fd194e4d8..4ff4b4641e99bd 100644 --- a/ee/spec/services/groups/ssh_certificates/destroy_service_spec.rb +++ b/ee/spec/services/groups/ssh_certificates/destroy_service_spec.rb @@ -3,9 +3,9 @@ require 'spec_helper' RSpec.describe Groups::SshCertificates::DestroyService, '#execute', feature_category: :groups_and_projects do - let_it_be(:group) { create(:group) } + let_it_be(:ssh_certificate) { create(:group_ssh_certificate) } + let_it_be(:group, reload: true) { create(:group, ssh_certificates: [ssh_certificate]) } let_it_be(:current_user) { create(:admin) } - let_it_be(:ssh_certificate) { create(:group_ssh_certificate, group: group) } let(:ssh_certificate_params) { { ssh_certificates_id: ssh_certificate.id } } let(:service) { described_class.new(group, ssh_certificate_params, current_user) } -- GitLab From 23a1d72eb56a201e9fd4eee59768a96d20a4df56 Mon Sep 17 00:00:00 2001 From: sameer shaik Date: Thu, 19 Oct 2023 15:49:42 +0000 Subject: [PATCH 3/7] Refine ssh events documentation --- doc/administration/audit_event_streaming/audit_event_types.md | 4 ++-- ee/app/services/ee/groups/ssh_certificates/destroy_service.rb | 3 +-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index 8782474bc0b036..f4fb3071129dd0 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md @@ -228,8 +228,8 @@ Audit event types belong to the following product categories. | Name | Description | Saved to database | Streamed | Introduced in | |:-----|:------------|:------------------|:---------|:--------------| -| [`create_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on ssh certificate create action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.5](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | -| [`delete_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on ssh certificate delete action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.5](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | +| [`create_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on SSH certificate create action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | +| [`delete_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on SSH certificate delete action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | | [`group_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/121005) | Event triggered when a group is created.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/issues/411595) | | [`group_lfs_enabled_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106079) | Event triggered when a groups lfs enabled is updated.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369323) | | [`group_membership_lock_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106079) | Event triggered when a groups membership lock is updated.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369323) | diff --git a/ee/app/services/ee/groups/ssh_certificates/destroy_service.rb b/ee/app/services/ee/groups/ssh_certificates/destroy_service.rb index 0b7c849bd5180e..87ce3b9fd5a91f 100644 --- a/ee/app/services/ee/groups/ssh_certificates/destroy_service.rb +++ b/ee/app/services/ee/groups/ssh_certificates/destroy_service.rb @@ -12,11 +12,10 @@ def execute log_audit_event(response.payload[:ssh_certificate]) if response.success? response end - + private def log_audit_event(ssh_certificate) - audit_context = { name: "delete_ssh_certificate", author: current_user, -- GitLab From 4f1a5e6f1626b79c5eaadb35956cf1a59e6d5228 Mon Sep 17 00:00:00 2001 From: sameer shaik Date: Thu, 19 Oct 2023 16:37:12 +0000 Subject: [PATCH 4/7] Refine audit event docs --- doc/administration/audit_event_streaming/audit_event_types.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index f4fb3071129dd0..c602e41f03068c 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md @@ -228,8 +228,8 @@ Audit event types belong to the following product categories. | Name | Description | Saved to database | Streamed | Introduced in | |:-----|:------------|:------------------|:---------|:--------------| -| [`create_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on SSH certificate create action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | -| [`delete_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on SSH certificate delete action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | +| [`create_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on group SSH certificate create action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | +| [`delete_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on group SSH certificate delete action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | | [`group_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/121005) | Event triggered when a group is created.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/issues/411595) | | [`group_lfs_enabled_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106079) | Event triggered when a groups lfs enabled is updated.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369323) | | [`group_membership_lock_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106079) | Event triggered when a groups membership lock is updated.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369323) | -- GitLab From 4a8ee690341bc01b5d2bdfd431279a14fd99b212 Mon Sep 17 00:00:00 2001 From: sameer shaik Date: Fri, 20 Oct 2023 04:30:24 +0000 Subject: [PATCH 5/7] Fix audit events docs --- doc/administration/audit_event_streaming/audit_event_types.md | 4 ++-- ee/config/audit_events/types/create_ssh_certificate.yml | 2 +- ee/config/audit_events/types/delete_ssh_certificate.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index c602e41f03068c..f4fb3071129dd0 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md @@ -228,8 +228,8 @@ Audit event types belong to the following product categories. | Name | Description | Saved to database | Streamed | Introduced in | |:-----|:------------|:------------------|:---------|:--------------| -| [`create_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on group SSH certificate create action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | -| [`delete_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on group SSH certificate delete action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | +| [`create_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on SSH certificate create action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | +| [`delete_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on SSH certificate delete action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | | [`group_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/121005) | Event triggered when a group is created.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/issues/411595) | | [`group_lfs_enabled_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106079) | Event triggered when a groups lfs enabled is updated.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369323) | | [`group_membership_lock_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106079) | Event triggered when a groups membership lock is updated.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369323) | diff --git a/ee/config/audit_events/types/create_ssh_certificate.yml b/ee/config/audit_events/types/create_ssh_certificate.yml index 359dc825f23509..7f05fc048a3491 100644 --- a/ee/config/audit_events/types/create_ssh_certificate.yml +++ b/ee/config/audit_events/types/create_ssh_certificate.yml @@ -1,6 +1,6 @@ --- name: create_ssh_certificate -description: Event triggered on ssh certificate create action +description: Event triggered on SSH certificate create action introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/427413 introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556 feature_category: "groups_and_projects" diff --git a/ee/config/audit_events/types/delete_ssh_certificate.yml b/ee/config/audit_events/types/delete_ssh_certificate.yml index a38792ccc5fbe3..fcd512953c7a4b 100644 --- a/ee/config/audit_events/types/delete_ssh_certificate.yml +++ b/ee/config/audit_events/types/delete_ssh_certificate.yml @@ -1,6 +1,6 @@ --- name: delete_ssh_certificate -description: Event triggered on ssh certificate delete action +description: Event triggered on SSH certificate delete action introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/427413 introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556 feature_category: "groups_and_projects" -- GitLab From 9bf5f9daaf5607968f73756343539f3c66b624e7 Mon Sep 17 00:00:00 2001 From: sameer shaik Date: Fri, 20 Oct 2023 15:13:15 +0000 Subject: [PATCH 6/7] Refine certficate audit event specs --- ee/spec/services/groups/ssh_certificates/create_service_spec.rb | 2 +- .../services/groups/ssh_certificates/destroy_service_spec.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ee/spec/services/groups/ssh_certificates/create_service_spec.rb b/ee/spec/services/groups/ssh_certificates/create_service_spec.rb index fc73c1fe899a47..0f90a351811a5a 100644 --- a/ee/spec/services/groups/ssh_certificates/create_service_spec.rb +++ b/ee/spec/services/groups/ssh_certificates/create_service_spec.rb @@ -4,7 +4,7 @@ RSpec.describe Groups::SshCertificates::CreateService, '#execute', feature_category: :groups_and_projects do let_it_be(:group, reload: true) { create(:group) } - let_it_be(:current_user) { create(:admin) } + let_it_be(:current_user) { create(:user) } let(:title) { 'Title 1' } let(:key) { generate_key } let(:ssh_certificate_params) { { title: title, key: key } } diff --git a/ee/spec/services/groups/ssh_certificates/destroy_service_spec.rb b/ee/spec/services/groups/ssh_certificates/destroy_service_spec.rb index 4ff4b4641e99bd..5fefc2c4862403 100644 --- a/ee/spec/services/groups/ssh_certificates/destroy_service_spec.rb +++ b/ee/spec/services/groups/ssh_certificates/destroy_service_spec.rb @@ -5,7 +5,7 @@ RSpec.describe Groups::SshCertificates::DestroyService, '#execute', feature_category: :groups_and_projects do let_it_be(:ssh_certificate) { create(:group_ssh_certificate) } let_it_be(:group, reload: true) { create(:group, ssh_certificates: [ssh_certificate]) } - let_it_be(:current_user) { create(:admin) } + let_it_be(:current_user) { create(:user) } let(:ssh_certificate_params) { { ssh_certificates_id: ssh_certificate.id } } let(:service) { described_class.new(group, ssh_certificate_params, current_user) } -- GitLab From 86c3a05ff063c06cae700d5d69e766a58f547a67 Mon Sep 17 00:00:00 2001 From: sameer shaik Date: Mon, 23 Oct 2023 02:30:57 +0000 Subject: [PATCH 7/7] Refine ssh events description --- doc/administration/audit_event_streaming/audit_event_types.md | 4 ++-- ee/config/audit_events/types/create_ssh_certificate.yml | 2 +- ee/config/audit_events/types/delete_ssh_certificate.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index f4fb3071129dd0..6e1436284d051e 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md @@ -228,8 +228,8 @@ Audit event types belong to the following product categories. | Name | Description | Saved to database | Streamed | Introduced in | |:-----|:------------|:------------------|:---------|:--------------| -| [`create_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on SSH certificate create action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | -| [`delete_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered on SSH certificate delete action| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | +| [`create_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered when an SSH certificate is created.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | +| [`delete_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered when an SSH certificate is deleted.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | | [`group_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/121005) | Event triggered when a group is created.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/issues/411595) | | [`group_lfs_enabled_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106079) | Event triggered when a groups lfs enabled is updated.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369323) | | [`group_membership_lock_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106079) | Event triggered when a groups membership lock is updated.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369323) | diff --git a/ee/config/audit_events/types/create_ssh_certificate.yml b/ee/config/audit_events/types/create_ssh_certificate.yml index 7f05fc048a3491..8dcc89dcda94d8 100644 --- a/ee/config/audit_events/types/create_ssh_certificate.yml +++ b/ee/config/audit_events/types/create_ssh_certificate.yml @@ -1,6 +1,6 @@ --- name: create_ssh_certificate -description: Event triggered on SSH certificate create action +description: Event triggered when an SSH certificate is created. introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/427413 introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556 feature_category: "groups_and_projects" diff --git a/ee/config/audit_events/types/delete_ssh_certificate.yml b/ee/config/audit_events/types/delete_ssh_certificate.yml index fcd512953c7a4b..8213d37cc80cde 100644 --- a/ee/config/audit_events/types/delete_ssh_certificate.yml +++ b/ee/config/audit_events/types/delete_ssh_certificate.yml @@ -1,6 +1,6 @@ --- name: delete_ssh_certificate -description: Event triggered on SSH certificate delete action +description: Event triggered when an SSH certificate is deleted. introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/427413 introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556 feature_category: "groups_and_projects" -- GitLab