Skip to content
Snippets Groups Projects
Commit 453a159a authored by Linjie Zhang's avatar Linjie Zhang Committed by Vasilii Iakliushin
Browse files

Stream audit event on merge request create

Stream audit event for mergre request create action.

Changelog: added
EE: true
parent a590c064
No related branches found
No related tags found
1 merge request!90911Stream audit event for merge request create action
......@@ -506,3 +506,52 @@ X-Gitlab-Audit-Event-Type: audit_operation
"event_type": "audit_operation"
}
```
## Audit event streaming on merge request create actions
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90911) in GitLab 15.2.
Stream audit events that relate to merge request create actions using the `/logs` endpoint.
Send API requests that contain the `X-Gitlab-Audit-Event-Type` header with value `merge_request_create`. GitLab responds with JSON payloads with an
`event_type` field set to `merge_request_create`.
### Headers
Headers are formatted as follows:
```plaintext
POST /logs HTTP/1.1
Host: <DESTINATION_HOST>
Content-Type: application/x-www-form-urlencoded
X-Gitlab-Audit-Event-Type: merge_request_create
X-Gitlab-Event-Streaming-Token: <DESTINATION_TOKEN>
```
### Example payload
```json
{
"id": 1,
"author_id": 1,
"entity_id": 24,
"entity_type": "Project",
"details": {
"author_name": "example_user",
"target_id": 132,
"target_type": "MergeRequest",
"target_details": "Update test.md",
"custom_message": "Added merge request",
"ip_address": "127.0.0.1",
"entity_path": "example-group/example-project"
},
"ip_address": "127.0.0.1",
"author_name": "Administrator",
"entity_path": "example-group/example-project",
"target_details": "Update test.md",
"created_at": "2022-07-04T00:19:22.675Z",
"target_type": "MergeRequest",
"target_id": 132,
"event_type": "merge_request_create"
}
```
......@@ -15,6 +15,23 @@ def after_create(issuable)
::MergeRequests::UpdateBlocksService
.new(issuable, current_user, blocking_merge_requests_params)
.execute
stream_audit_event(issuable)
end
private
def stream_audit_event(merge_request)
audit_context = {
name: 'merge_request_create',
stream_only: true,
author: current_user,
scope: merge_request.project,
target: merge_request,
message: 'Added merge request'
}
::Gitlab::Audit::Auditor.audit(audit_context)
end
end
end
......
......@@ -52,6 +52,20 @@
it_behaves_like 'service with multiple reviewers' do
let(:execute) { service.execute }
end
it 'sends the audit streaming event' do
audit_context = {
name: 'merge_request_create',
stream_only: true,
author: user,
scope: project,
message: 'Added merge request'
}
expect(::Gitlab::Audit::Auditor).to receive(:audit).with(hash_including(audit_context))
service.execute
end
end
describe '#execute with blocking merge requests', :clean_gitlab_redis_shared_state do
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment