Audit CI runner event when assigning to project
Audit need
When admins, group/project owners/maintainers assign a runner to a project, it is important to preserve a trail of data of the event.
Proposal
Add the following audit events for when a GitLab Runner is assigned to a project.
- Date and timestamp in UTC
- Public IP address (i.e. the source IP address from where the registration command was run)
- Runner short SHA
- Newly assigned project
Implementation
-
1. Move the logic to assign a runner to a project from API::Ci::Runners to a new AssignRunnerService
class. -
2. Move the logic to unassign a runner from a project from API::Ci::Runners to a new UnassignRunnerService
class. -
3. Add auditing in AssignRunnerService#execute
method. -
4. Add auditing in UnassignRunnerService#execute
method (!81540 (merged)).
Edited by Pedro Pombeiro