Add pipeline schedule update audit events


Release notes

GitLab now provides comprehensive audit logging for pipeline schedule modifications made through ActiveRecord-level updates, ensuring that changes to pipeline schedules via Rails console or direct database operations are properly tracked in audit logs. This enhancement closes a security gap where pipeline schedule modifications performed outside the UI or API were previously not captured in audit events.

Problem to solve

Currently, GitLab's audit logging system does not capture changes made to pipeline schedules through direct ActiveRecord .update method calls, such as those executed via Rails console scripts. This creates a visibility gap when administrators make changes to pipeline schedules that bypass the normal audit event callbacks.

This issue was highlighted when a customer's script intended to disable pipeline schedules inadvertently enabled them instead, and there was no audit trail to investigate what happened. The lack of visibility into these types of changes makes troubleshooting difficult and creates operational risks for organizations that rely on pipeline schedules for critical workflows.

Proposal

Implement a mechanism to ensure all ActiveRecord-level updates to pipeline schedules are captured in GitLab's audit logs, regardless of how they are triggered. This would include:

  1. Creating audit hooks that capture pipeline schedule updates even when they bypass the standard controller/API audit callbacks
  2. Ensuring that Rails console operations on pipeline schedules generate appropriate audit events
  3. Adding metadata to audit events to indicate the origin of the change (UI, API, Rails console, etc.)
  4. Capturing key information such as schedule status changes (enabled/disabled), cron changes, and other critical modifications

This focused implementation would serve as a pilot for potentially extending similar auditing to other critical models in the future, based on customer feedback and operational needs.

Intended users

Feature Usage Metrics

We will track:

  1. Count of audit events generated from ActiveRecord-level updates to pipeline schedules
  2. Number of instances with pipeline schedule audit events
  3. Frequency of different types of pipeline schedule modifications (enable/disable, cron changes, etc.)

Does this feature require an audit event?

Yes, this feature is specifically about enhancing the audit event system to capture pipeline schedule operations that currently bypass audit logging. It improves GitLab's operational visibility by ensuring all pipeline schedule changes are properly logged regardless of how they're initiated.

Edited by 🤖 GitLab Bot 🤖
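
The Proposal's model-level hook with origin metadata, as an added example in plain Ruby (not GitLab's code, and not using ActiveRecord itself). `AuditedSchedule`, `Origin`, `AUDIT_LOG`, `run_inverted_script`, the audited attribute list and the `:rails_console` default are all assumptions made for illustration.

```ruby
# Added illustration, not GitLab code. Plain-Ruby stand-in for a model-level
# audit hook; AuditedSchedule, Origin and AUDIT_LOG are hypothetical names.
AUDITED_ATTRS = %i[active cron ref].freeze   # assumed set of "critical" fields
AUDIT_LOG = []                               # in-memory stand-in for the audit store

module Origin
  # Request layers tag their origin; untagged callers are assumed to be
  # console or script sessions.
  def self.current
    Thread.current[:audit_origin] || :rails_console
  end

  def self.with(origin)
    previous = Thread.current[:audit_origin]
    Thread.current[:audit_origin] = origin
    yield
  ensure
    Thread.current[:audit_origin] = previous
  end
end

class AuditedSchedule
  attr_reader :id

  def initialize(id, attrs)
    @id = id
    @attrs = attrs.dup
  end

  # Every caller goes through the model, so the hook fires for UI, API and
  # console updates alike.
  def update(new_attrs, author:)
    changes = new_attrs.each_with_object({}) do |(key, value), diff|
      diff[key] = [@attrs[key], value] unless @attrs[key] == value
    end
    @attrs.merge!(new_attrs)
    tracked = changes.slice(*AUDITED_ATTRS)
    unless tracked.empty?
      AUDIT_LOG << { schedule_id: id, author: author, origin: Origin.current, changes: tracked }
    end
    true
  end
end

# The incident from the issue, constructed: a console script meant to disable
# schedules sets the flag the wrong way. Returns the events an investigator
# would query for.
def run_inverted_script(schedules, author)
  schedules.each { |schedule| schedule.update({ active: true }, author: author) }
  AUDIT_LOG.select { |e| e[:origin] == :rails_console && e[:changes].key?(:active) }
end
```

Each event records the old and new value, so an `active` change of `[false, true]` with a console origin is the trace that was missing in the incident described under "Problem to solve".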