Fire `deployment_started` event when a deployment is started to a protected environment

Release notes

From a compliance standpoint, you want to have an easy to query record of events related to your deployment process, like approvals and rejections of a proposed deployment or the start of the deployment action itself. Until now, GitLab did not provide designated audit events, and compliance managers had to use custom tooling or search for this data in the GitLab UI / APIs. GitLab now ships three new audit events

• the deployment_started event signals who, when started a deployment job
• the deployment_approved event signals who, when approved a deployment
• the deployment_rejected event signals who, when rejected a deployment

You can read more about all the continuous delivery related audit events in the related documentation.

Proposal

Extend the continuous delivery audit events with a deployment_started event when a deployment is started to a protected environment

Implementation

a possible solution is to use the deployment state machine

But we'd need to adding something to the EE model Something like

psuedo code example

    after_transition any => :running do |deployment, transition|
      deployment.run_after_commit do

       audit(my_new_audit_event) if deployment.to_protected_environment?

      end
    end

We'll want to check with database team member to make sure this method will be performant enough in this use case