Skip to content

Audit event for merge request merged deletion started

Harsimar Sandhu requested to merge 408288-merged-merge-request-delete-event-started into master

What does this MR do and why?

Describe in detail what your merge request does and why.

Audit event for merge request merged deletion started

This commit adds audit event when a merged merge request deletion is started.

EE: true Changelog: added

Why?

to find out who deleted a merged merge request to identify potential training and permission assignment issues.

Audit logs should include events for when a merged merge request is deleted. The event should include the following information:

  • List of contributors who committed code
  • List of approvers
  • List of all labels applied to the MR when it was deleted
  • Person who merged it

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After

How to set up and validate locally

  1. Setup external audit event destination: https://docs.gitlab.com/ee/administration/audit_event_streaming.html#add-a-new-streaming-destination
  2. Create a merge request in a project under the group to which you added external audit event destination
  3. Merge the merge request created.
  4. delete the merge request.
  5. Check the streamed audit event on destination should have event name: merged_merge_request_deletion_started

Sample audit event:

{
  "id": "7be6ade0-3c3b-4543-8afe-81711ab4f26d",
  "author_id": 1,
  "entity_id": 31,
  "entity_type": "Project",
  "details": {
    "author_name": "Administrator",
    "author_class": "User",
    "target_id": 277,
    "target_type": "MergeRequest",
    "target_details": {
      "title": "Update compliance-framework.yml",
      "iid": 6,
      "id": 277,
      "type": "MergeRequest"
    },
    "custom_message": "Removed MergeRequest(Update compliance-framework.yml with IID: 6 and ID: 277), committer_user_ids: 1, merged_by_user_id: 1",
    "ip_address": "127.0.0.1",
    "entity_path": "complianceframework/projectz"
  },
  "ip_address": "127.0.0.1",
  "author_name": "Administrator",
  "entity_path": "complianceframework/projectz",
  "target_details": "{\"title\"=>\"Update compliance-framework.yml\", \"iid\"=>6, \"id\"=>277, \"type\"=>\"MergeRequest\"}",
  "created_at": "2023-05-25T09:09:16.541Z",
  "target_type": "MergeRequest",
  "target_id": 277,
  "event_type": "merged_merge_request_deletion_started"
}

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #408288 (closed)

Edited by Harsimar Sandhu

Merge request reports