Audit Events: Log feature flag enable/disable if actor is present
Problem to solve
Feature flag changes can affect the security of users and organizations. However, they are not logged as audit events. This was reported by a Premium customer and also noted by GitLab internally.
Proposal
Feature flag enable and disable should be logged as individual Audit Events.
Proposed Solution
- Make `Gitlab::Audit::RailsConsoleAuthor` class. Use this for author data in `audit_event`.
- For Target use `Feature::FlipperGate`.
- Store actor as scope for audit event.
- Use the Auditor framework to generate audit events. Refer to: https://docs.gitlab.com/ee/development/audit_event_guide/#how-to-instrument-new-audit-events
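A sketch of the proposed behaviour, added here as an illustration and not taken from GitLab's code base: each enable or disable produces one audit context with the console author, the actor as scope and the flag gate as target, and nothing is logged when no actor is given. The class names (`ConsoleAuthor`, `GateTarget`, `Actor`, `MemoryAuditor`, `AuditedFlags`) and the event names are assumptions standing in for the classes the proposal names; the context keys follow the linked audit event guide.

```ruby
# Stand-ins so the sketch runs offline; none of this is GitLab's own code.
ConsoleAuthor = Struct.new(:name)        # models the proposed RailsConsoleAuthor
GateTarget    = Struct.new(:flag_name)   # models the proposed Feature::FlipperGate target
Actor         = Struct.new(:kind, :id)   # models a project, group or user

# In-memory replacement for the Auditor call described in the audit event guide.
class MemoryAuditor
  attr_reader :events

  def initialize
    @events = []
  end

  def audit(context)
    @events << context
  end
end

class AuditedFlags
  def initialize(auditor, author)
    @auditor = auditor
    @author = author
    @gates = Hash.new { |hash, flag| hash[flag] = [] }
  end

  def enable(flag, actor = nil)
    @gates[flag] |= [actor]
    record('feature_flag_enabled', flag, actor, 'Enabled')
  end

  def disable(flag, actor = nil)
    @gates[flag].delete(actor)
    record('feature_flag_disabled', flag, actor, 'Disabled')
  end

  private

  # Emits one event per change, and only when an actor exists to serve as scope.
  def record(name, flag, actor, verb)
    return false if actor.nil?

    @auditor.audit(
      name: name,                        # constructed event name
      author: @author,
      scope: actor,
      target: GateTarget.new(flag.to_s),
      message: "#{verb} feature flag #{flag} for #{actor.kind} #{actor.id}"
    )
    true
  end
end
```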