Add changes to group-level push rules to audit events
Problem to solve
In %13.0 we introduced group-level push rules, but changes to these settings are not currently tracked in the group audit events table. This prevents organizations from knowing who modified these sensitive settings and when, which creates a gap in their compliance posture, specifically for non-repudiation.
Intended users
Proposal
- Use
::Gitlab::Audit::Auditor.audit
for tracking audit events frompush_rules/create_or_update_service.rb
- Changes should be similar to MR !73656 (merged)
Further details
What does success look like, and how can we measure that?
What is the type of buyer?
Is this a cross-stage feature?
Links / references
Edited by Huzaifa Iftikhar