When a project's default branch is changed, we need to ensure that the default context follows the branch name change

When projects are created, we create a default tracked context for the project. However, because a project can be created without a repository, and the repository added later, it's possible for the name of the default branch to not be what the default tracked context is.

So we need a new service (probably a tracked context update service) that will be called to update the name of the default tracked context of a project when:

  1. The default branch of a project is changed (this already emits a EventStore event that we can attach this behaviour to. Please retrieve the event name).

  2. The other is when a repository is added to a project that does not have one yet. We need to subscribe to this as well to ensure we align the default branch and tracked context name. If an event does not already exist for this, we should add one.

Implementation Plan

Event Names Identified

  1. Default Branch Changed Event: Repositories::DefaultBranchChangedEvent

    • Location: app/events/repositories/default_branch_changed_event.rb
    • Published in: app/models/concerns/has_repository.rb (method: after_repository_change_head)
    • Already subscribed by: Search::Zoekt::DefaultBranchChangedWorker, Security::SyncPolicyEventWorker, Search::ElasticDefaultBranchChangedWorker

  2. Project Created Event: Projects::ProjectCreatedEvent

    • Location: app/events/projects/project_created_event.rb
    • Published in: app/services/projects/create_service.rb (method: publish_event)
    • Already subscribed by: Security::CreateDefaultTrackedContextWorker (creates default tracked context on project creation)

  3. Repository Created Event: DOES NOT EXIST

    • No existing event for when a repository is added to a project that doesn't have one
    • Need to create: Repositories::RepositoryCreatedEvent

Tasks

  1. Create Repositories::RepositoryCreatedEvent

    • Create event class at app/events/repositories/repository_created_event.rb
    • Define schema with container_id and container_type (similar to DefaultBranchChangedEvent)
    • Publish event in app/models/concerns/has_repository.rb when repository is created

  2. Create Security::ProjectTrackedContexts::UpdateService (Generic Update Service)

    • Service to update tracked context names when default branch changes or repository is created
    • Should find the default tracked context for a project and update its context_name to match the current default branch
    • If the default tracked context doesn't exist, create it
    • Handle edge cases (e.g., context name already matches, multiple contexts, etc.)

  3. Create Security::SyncDefaultTrackedContextWorker

    • EventStore subscriber worker for both:
      • Repositories::DefaultBranchChangedEvent (when default branch changes)
      • Repositories::RepositoryCreatedEvent (when repository is added to project)
    • Calls Security::ProjectTrackedContexts::UpdateService to:
      • Create the default tracked context if it doesn't exist (should exist since project was created, but handle edge case)
      • Ensure the name of the default context aligns with the current default branch
    • Subscribe in ee/lib/ee/gitlab/event_store.rb to both events

  4. Update app/models/concerns/has_repository.rb

    • Add publishing of Repositories::RepositoryCreatedEvent when repository is created
    • Ensure event is published with correct container information

  5. Add Tests

    • Unit tests for the new service and worker
    • Integration tests to verify the flow works end-to-end for both events
Edited by Gregory Havenga (is on PTO from 15 December 2025 to 02 January 2026)