Capture instance configuration changes as an audit event

Problem to solve

We're adding the ability to prohibit admin impersonation in https://gitlab.com/gitlab-org/gitlab-ce/issues/40385. Changes to such a configuration setting are significant events, and currently changes to gitlab.rb and config/gitlab.yml are only tracked in git.

When important changes are made to an instance's configuration settings, we should consider capturing these as an audit event (https://docs.gitlab.com/ee/administration/audit_events.html). This would mean that these changes would get surfaced in the audit_events table and in the structured audit_json.log, making monitoring for these important changes elsewhere like Elasticsearch much easier.

Proposal

  • Save state of gitlab.rb and config/gitlab.yml.
  • On boot, compare new state of the above to saved state. Log changes.
    • No need to log everything if there's no saved state.

Links / references

Edited Jun 10, 2025 by 🤖 GitLab Bot 🤖
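The boot-time comparison from the Proposal, sketched as an added example that is not part of the original issue or of GitLab's code base. It covers only config/gitlab.yml, since gitlab.rb is Ruby rather than data. The event field names, the `SENSITIVE` redaction pattern and the sample settings are assumptions.

```ruby
require 'yaml'
require 'json'
require 'time'

SENSITIVE = /password|secret|token/i # assumption: key names whose values must not be logged

# Flatten nested settings into { "production.gitlab.some_key" => value }.
def flatten_settings(node, prefix = nil, out = {})
  return out.merge!(prefix => node) unless node.is_a?(Hash)
  node.each { |k, v| flatten_settings(v, [prefix, k].compact.join('.'), out) }
  out
end

def redact(key, value)
  value.nil? || key !~ SENSITIVE ? value : '[REDACTED]'
end

# One event per changed setting; nothing at all when there is no saved state.
def config_audit_events(saved_yaml, current_yaml, file:, now: Time.now.utc)
  return [] if saved_yaml.nil?
  old, cur = [saved_yaml, current_yaml].map do |text|
    flatten_settings(YAML.safe_load(text, aliases: true) || {})
  end
  (old.keys | cur.keys).sort.filter_map do |key|
    next if old[key] == cur[key]
    action = !old.key?(key) ? 'added' : (!cur.key?(key) ? 'removed' : 'changed')
    { time: now.iso8601, file: file, setting: key, action: action,
      from: redact(key, old[key]), to: redact(key, cur[key]) }
  end
end

SAVED = <<~YAML # constructed sample: state saved at the previous boot
  production:
    gitlab:
      impersonation_enabled: false
    ldap:
      password: old-value
YAML
CURRENT = <<~YAML # constructed sample: state found at this boot
  production:
    gitlab:
      impersonation_enabled: true
    ldap:
      password: new-value
      enabled: true
YAML

config_audit_events(SAVED, CURRENT, file: 'config/gitlab.yml').each { |e| puts e.to_json }
```

A changed secret still produces an event, so the change is visible to monitoring, but neither the old nor the new value reaches the log.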