diff --git a/ee/app/services/ee/groups/deploy_tokens/create_service.rb b/ee/app/services/ee/groups/deploy_tokens/create_service.rb
index c31f5caa9a39bfae4b38bb5ab6d0757ef69bffe2..541d2fcfcfb4875fc1336c3c1da62499462b6de9 100644
--- a/ee/app/services/ee/groups/deploy_tokens/create_service.rb
+++ b/ee/app/services/ee/groups/deploy_tokens/create_service.rb
@@ -16,21 +16,25 @@ def execute
 private
 def audit_event_service(deploy_token, result)
- message = if result[:status] == :success
- "Created group deploy token with name: #{deploy_token.name} with token_id: #{deploy_token.id} with scopes: #{deploy_token.scopes}."
- else
- "Attempted to create group deploy token but failed with message: #{result[:message]}"
- end
+ if result[:status] == :success
+ message = "Created group deploy token with name: #{deploy_token.name} with token_id: #{deploy_token.id} with scopes: #{deploy_token.scopes}."
+ name = "group_deploy_token_created"
+ else
+ message = "Attempted to create group deploy token but failed with message: #{result[:message]}"
+ name = "group_deploy_token_creation_failed"
+ end
- ::AuditEventService.new(
- current_user,
- group,
- target_id: deploy_token.id,
- target_type: deploy_token.class.name,
- target_details: deploy_token.name,
- action: :custom,
- custom_message: message
- ).security_event
+ audit_context = {
+ name: name,
+ author: current_user,
+ scope: group,
+ target: deploy_token,
+ message: message,
+ additional_details: {
+ action: :custom
+ }
+ }
+ ::Gitlab::Audit::Auditor.audit(audit_context)
 end
 end
 end
diff --git a/ee/app/services/ee/groups/deploy_tokens/destroy_service.rb b/ee/app/services/ee/groups/deploy_tokens/destroy_service.rb
index cb7f15302e76f9c063bb436ea4b19398aa3edffe..86eee38251d8b1fbf9058be43cc229e2b2507fb1 100644
--- a/ee/app/services/ee/groups/deploy_tokens/destroy_service.rb
+++ b/ee/app/services/ee/groups/deploy_tokens/destroy_service.rb
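Review bot: `audit_event_service` keeps `additional_details: { action: :custom }` in the new `audit_context` even though the event now has a specific `name`, and nothing in the hunk says why; the destroy and revoke service hunks repeat the same hash. If the `details[:custom_message]` value the specs assert on depends on that key, record it in a comment, e.g. `# action: :custom is kept so details[:custom_message] stays populated`; otherwise the key can go. Because these events are presumably also delivered to external audit destinations (the specs enable `external_audit_events`), I would also add `# message leaves the instance via streaming: name, id and scopes only, never the token value` above the branch, and confirm that `result[:message]` in the failure branch cannot echo submitted parameters. The enclosing module starts outside the hunk.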
@@ -18,15 +18,17 @@ def execute
 def audit_event_service(deploy_token)
 message = "Destroyed group deploy token with name: #{deploy_token.name} with token_id: #{deploy_token.id} with scopes: #{deploy_token.scopes}."
- ::AuditEventService.new(
- current_user,
- group,
- target_id: deploy_token.id,
- target_type: deploy_token.class.name,
- target_details: deploy_token.name,
- action: :custom,
- custom_message: message
- ).security_event
+ audit_context = {
+ name: "group_deploy_token_destroyed",
+ author: current_user,
+ scope: group,
+ target: deploy_token,
+ message: message,
+ additional_details: {
+ action: :custom
+ }
+ }
+ ::Gitlab::Audit::Auditor.audit(audit_context)
 end
 end
 end
diff --git a/ee/app/services/ee/groups/deploy_tokens/revoke_service.rb b/ee/app/services/ee/groups/deploy_tokens/revoke_service.rb
index 4c59f5a555e791b06e93548dc2d1040e4e650629..b3cf6ca0745fa75f55cda0dfe3bc4d5eb6f83e64 100644
--- a/ee/app/services/ee/groups/deploy_tokens/revoke_service.rb
+++ b/ee/app/services/ee/groups/deploy_tokens/revoke_service.rb
@@ -16,15 +16,17 @@ def execute
 def log_audit_event
 message = "Revoked group deploy token with name: #{token.name} with token_id: #{token.id} with scopes: #{token.scopes}."
- ::AuditEventService.new(
- current_user,
- group,
- target_id: token.id,
- target_type: token.class.name,
- target_details: token.name,
- action: :custom,
- custom_message: message
- ).security_event
+ audit_context = {
+ name: "group_deploy_token_revoked",
+ author: current_user,
+ scope: group,
+ target: token,
+ message: message,
+ additional_details: {
+ action: :custom
+ }
+ }
+ ::Gitlab::Audit::Auditor.audit(audit_context)
 end
 end
 end
diff --git a/ee/spec/services/ee/groups/deploy_tokens/create_service_spec.rb b/ee/spec/services/ee/groups/deploy_tokens/create_service_spec.rb
index 690b24bfb2f78e14aeadf7c480995e4d881dddd6..c07a79d0be14af43d1e0d17a236cc3bd63a198e1 100644
--- a/ee/spec/services/ee/groups/deploy_tokens/create_service_spec.rb
+++ b/ee/spec/services/ee/groups/deploy_tokens/create_service_spec.rb
@@ -4,6 +4,7 @@
 RSpec.describe Groups::DeployTokens::CreateService do
 let_it_be(:entity) { create(:group) }
+ let_it_be(:destination) { create(:external_audit_event_destination, group: entity) }
 let_it_be(:user) { create(:user) }
 let(:deploy_token_params) { attributes_for(:deploy_token) }
@@ -23,6 +24,14 @@
 expect(AuditEvent.last.details[:custom_message]).to eq(expected_message)
 end
+ before do
+ stub_licensed_features(external_audit_events: true)
+ end
+
+ it_behaves_like 'sends correct event type in audit event stream' do
+ let_it_be(:event_type) { "group_deploy_token_created" }
+ end
+
 context 'when group is a sub-group' do
 let_it_be(:parent_group) { create :group }
 let_it_be(:group) { create :group, parent: parent_group }
@@ -47,6 +56,14 @@
 expect(AuditEvent.last.details[:custom_message]).to eq(expected_message)
 end
+
+ before do
+ stub_licensed_features(external_audit_events: true)
+ end
+
+ it_behaves_like 'sends correct event type in audit event stream' do
+ let_it_be(:event_type) { "group_deploy_token_creation_failed" }
+ end
 end
 end
 end
diff --git a/ee/spec/services/ee/groups/deploy_tokens/destroy_service_spec.rb b/ee/spec/services/ee/groups/deploy_tokens/destroy_service_spec.rb
index 09d04fe3ff44b55f18341e536f3794c1a0e530d6..a19e26f7ff903bb5f55e5d5c6fcc1ec0beafb3c6 100644
--- a/ee/spec/services/ee/groups/deploy_tokens/destroy_service_spec.rb
+++ b/ee/spec/services/ee/groups/deploy_tokens/destroy_service_spec.rb
@@ -4,6 +4,7 @@
 RSpec.describe Groups::DeployTokens::DestroyService do
 let_it_be(:entity) { create(:group) }
+ let_it_be(:destination) { create(:external_audit_event_destination, group: entity) }
 let_it_be(:deploy_token) { create(:deploy_token, :group, groups: [entity]) }
 let_it_be(:user) { create(:user) }
 let_it_be(:deploy_token_params) { { token_id: deploy_token.id } }
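Review bot: The `before do ... stub_licensed_features(external_audit_events: true) ... end` hook in the second hunk is written after the existing example, but an RSpec `before` hook applies to every example in its group wherever it appears, so the example asserting on `details[:custom_message]` now also runs with streaming licensed and a destination present. Put the hook at the top of the group, or wrap the hook and the `it_behaves_like` call in their own `context` (for instance `context 'with external audit event streaming' do`) so the scope is explicit; the same placement recurs in the `group_deploy_token_creation_failed` hunk of this file and in the destroy and revoke specs. Inside the `it_behaves_like` block a plain `let(:event_type) { "group_deploy_token_created" }` should be enough for a constant string. The enclosing `describe` and `it` blocks start outside the hunk.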
@@ -22,6 +23,14 @@
 expect(AuditEvent.last.details[:custom_message]).to eq(expected_message)
 end
+ before do
+ stub_licensed_features(external_audit_events: true)
+ end
+
+ it_behaves_like 'sends correct event type in audit event stream' do
+ let_it_be(:event_type) { "group_deploy_token_destroyed" }
+ end
+
 context 'when group is a sub-group' do
 let_it_be(:parent_group) { create :group }
 let_it_be(:group) { create :group, parent: parent_group }
diff --git a/ee/spec/services/ee/groups/deploy_tokens/revoke_service_spec.rb b/ee/spec/services/ee/groups/deploy_tokens/revoke_service_spec.rb
index 87981df0e457da6fd32896d13ffb30d57f4201bc..bdf0bd049ef2bc7f3736df7ef9e51272e8fda3b8 100644
--- a/ee/spec/services/ee/groups/deploy_tokens/revoke_service_spec.rb
+++ b/ee/spec/services/ee/groups/deploy_tokens/revoke_service_spec.rb
@@ -4,6 +4,7 @@
 RSpec.describe Groups::DeployTokens::RevokeService do
 let_it_be(:entity) { create(:group) }
+ let_it_be(:destination) { create(:external_audit_event_destination, group: entity) }
 let_it_be(:deploy_token) { create(:deploy_token, :group, groups: [entity]) }
 let_it_be(:user) { create(:user) }
 let_it_be(:deploy_token_params) { { id: deploy_token.id } }
@@ -22,6 +23,14 @@
 expect(AuditEvent.last.details[:custom_message]).to eq(expected_message)
 end
+ before do
+ stub_licensed_features(external_audit_events: true)
+ end
+
+ it_behaves_like 'sends correct event type in audit event stream' do
+ let_it_be(:event_type) { "group_deploy_token_revoked" }
+ end
+
 context 'when group is a sub-group' do
 let_it_be(:parent_group) { create :group }
 let_it_be(:group) { create :group, parent: parent_group }