
Add audit logging for secure CI_JOB_TOKEN setting

Problem to solve

Users want to see in the audit logs when the secure workflows setting for CI_JOB_TOKEN has been changed/enabled/disabled.

Proposal

Add an audit event when the setting is changed.

Documentation for audit event schema

  • name - secure_ci_job_token
  • author - user who made the change
  • scope - project that is being changed
  • target - setting (inbound/outbound), status (enabled, disabled), allowed project name
  • message
    • Secure ci_job_token was enabled/disabled for scope
    • Project x was added/removed to inbound/outbound list of allowed projects for scope
    • Note that after 16.0 only the inbound setting will be active as outbound/non limited will be removed so the target may change.
  • created_at - date timestamp


Edited by James Heimbuck
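
A sketch of how a log consumer could triage these events once they exist, as an added example that is not part of the issue or GitLab's own code. It assumes the audit events are exported as one JSON object per line carrying the field names proposed above, with messages in the two wordings listed; the sample events are constructed.

```python
import json
import re

EVENT_NAME = "secure_ci_job_token"  # event name from the proposed schema
TOGGLE = re.compile(r"^Secure ci_job_token was (enabled|disabled) for (.+)$")
ALLOWLIST = re.compile(
    r"^Project (.+) was (added|removed) to (inbound|outbound) list of allowed projects for (.+)$"
)

# Constructed sample export, one JSON object per line (the shape is an assumption).
SAMPLE = """\
{"name": "secure_ci_job_token", "author": "alice", "scope": "group/app", "message": "Secure ci_job_token was disabled for group/app", "created_at": "2023-04-01T10:00:00Z"}
{"name": "secure_ci_job_token", "author": "bob", "scope": "group/app", "message": "Project group/tools was added to inbound list of allowed projects for group/app", "created_at": "2023-04-01T10:05:00Z"}
{"name": "secure_ci_job_token", "author": "alice", "scope": "group/app", "message": "Secure ci_job_token was enabled for group/app", "created_at": "2023-04-01T11:00:00Z"}
{"name": "some_other_event", "author": "carol", "scope": "group/new", "message": "unrelated", "created_at": "2023-04-01T12:00:00Z"}
not json
"""


def classify(event):
    """Return (severity, summary) for a secure_ci_job_token event, else None."""
    if event.get("name") != EVENT_NAME:
        return None
    message = event.get("message", "")
    m = TOGGLE.match(message)
    if m:
        state, scope = m.groups()
        # Disabling removes the restriction, so it ranks highest.
        return ("high" if state == "disabled" else "info", f"{state} on {scope}")
    m = ALLOWLIST.match(message)
    if m:
        project, action, direction, scope = m.groups()
        # An added project widens which job tokens are accepted.
        severity = "review" if action == "added" else "info"
        return (severity, f"{project} {action} ({direction}) on {scope}")
    return ("review", "unrecognised message: " + message)


def triage(lines):
    """Parse JSON lines; return (findings, number of unparseable lines)."""
    findings, bad = [], 0
    for line in filter(None, (l.strip() for l in lines.splitlines())):
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            bad += 1
            continue
        result = classify(event) if isinstance(event, dict) else None
        if result:
            findings.append((result[0], event.get("author"), event.get("created_at"), result[1]))
    return findings, bad
```

Unparseable lines are counted rather than dropped silently, so a gap in the export is visible to whoever reviews the findings.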