From ee19e5a05547e5ce1cd740dbee72026e303f7d85 Mon Sep 17 00:00:00 2001 From: Linjie Zhang Date: Thu, 23 Jun 2022 21:51:13 +0800 Subject: [PATCH 1/2] Stream audit event on merge request create Stream audit event for mergre request create action. Changelog: added EE: true --- .../ee/merge_requests/create_service.rb | 17 +++++++++++++++++ .../ee/merge_requests/create_service_spec.rb | 14 ++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/ee/app/services/ee/merge_requests/create_service.rb b/ee/app/services/ee/merge_requests/create_service.rb index 3f0bdc403c1edf..bc83f19eec1252 100644 --- a/ee/app/services/ee/merge_requests/create_service.rb +++ b/ee/app/services/ee/merge_requests/create_service.rb @@ -15,6 +15,23 @@ def after_create(issuable) ::MergeRequests::UpdateBlocksService .new(issuable, current_user, blocking_merge_requests_params) .execute + + stream_audit_event(issuable) + end + + private + + def stream_audit_event(merge_request) + audit_context = { + name: 'merge_request_create', + stream_only: true, + author: current_user, + scope: merge_request.project, + target: merge_request, + message: 'Added merge request' + } + + ::Gitlab::Audit::Auditor.audit(audit_context) end end end diff --git a/ee/spec/services/ee/merge_requests/create_service_spec.rb b/ee/spec/services/ee/merge_requests/create_service_spec.rb index 73f47328214a75..aaa6b842d42598 100644 --- a/ee/spec/services/ee/merge_requests/create_service_spec.rb +++ b/ee/spec/services/ee/merge_requests/create_service_spec.rb @@ -52,6 +52,20 @@ it_behaves_like 'service with multiple reviewers' do let(:execute) { service.execute } end + + it 'sends the audit streaming event' do + audit_context = { + name: 'merge_request_create', + stream_only: true, + author: user, + scope: project, + message: 'Added merge request' + } + + expect(::Gitlab::Audit::Auditor).to receive(:audit).with(hash_including(audit_context)) + + service.execute + end end describe '#execute with blocking merge requests', :clean_gitlab_redis_shared_state do -- GitLab From b33038ebd9ee17f4c8f3aa08d9a66b2890230555 Mon Sep 17 00:00:00 2001 From: Linjie Zhang Date: Mon, 4 Jul 2022 20:18:36 +0800 Subject: [PATCH 2/2] Add doc for merge request create streaming audit event --- doc/administration/audit_event_streaming.md | 49 +++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/doc/administration/audit_event_streaming.md b/doc/administration/audit_event_streaming.md index ad235ead992a48..28c94d9c9021e1 100644 --- a/doc/administration/audit_event_streaming.md +++ b/doc/administration/audit_event_streaming.md @@ -427,3 +427,52 @@ X-Gitlab-Audit-Event-Type: audit_operation "event_type": "audit_operation" } ``` + +## Audit event streaming on merge request create actions + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90911) in GitLab 15.2. + +Stream audit events that relate to merge request create actions using the `/logs` endpoint. + +Send API requests that contain the `X-Gitlab-Audit-Event-Type` header with value `merge_request_create`. GitLab responds with JSON payloads with an +`event_type` field set to `merge_request_create`. + +### Headers + +Headers are formatted as follows: + +```plaintext +POST /logs HTTP/1.1 +Host: +Content-Type: application/x-www-form-urlencoded +X-Gitlab-Audit-Event-Type: merge_request_create +X-Gitlab-Event-Streaming-Token: +``` + +### Example payload + +```json +{ + "id": 1, + "author_id": 1, + "entity_id": 24, + "entity_type": "Project", + "details": { + "author_name": "example_user", + "target_id": 132, + "target_type": "MergeRequest", + "target_details": "Update test.md", + "custom_message": "Added merge request", + "ip_address": "127.0.0.1", + "entity_path": "example-group/example-project" + }, + "ip_address": "127.0.0.1", + "author_name": "Administrator", + "entity_path": "example-group/example-project", + "target_details": "Update test.md", + "created_at": "2022-07-04T00:19:22.675Z", + "target_type": "MergeRequest", + "target_id": 132, + "event_type": "merge_request_create" +} +``` -- GitLab