Add changes to group-level push rules to audit events

Problem to solve

In %13.0 we introduced group-level push rules, but changes to these settings are not currently tracked in the group audit events table. This prevents organizations from knowing who modified these sensitive settings and when, which creates a gap in their compliance posture, specifically for non-repudiation.

Intended users

Cameron (Compliance Manager)
Sidney (Systems Administrator)

Proposal

Use ::Gitlab::Audit::Auditor.audit for tracking audit events from push_rules/create_or_update_service.rb
Changes should be similar to MR !73656 (merged)

Further details

What does success look like, and how can we measure that?

What is the type of buyer?

Is this a cross-stage feature?

Links / references

Edited Nov 09, 2021 by Huzaifa Iftikhar