Skip to content
Snippets Groups Projects

Draft: Add audit event when project avatar is updated

What does this MR do and why?

Closes #8056

Adds audit event whenever project avatar is updated.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
    • Issue: This job in the pipeline failed with the following error "Audit event types documentation is outdated! Please update it by running bundle exec rake gitlab:audit_event_types:compile_docs."

      Can you please run bundle exec rake gitlab:audit_event_types:compile_docs and commit the changes that are auto-generated?

    • @huzaifaiftikhar1

      I tried running the command but, it gives me config error.

      > bundle exec rake gitlab:audit_event_types:compile_docs
      
      rake aborted!
      Cannot load database configuration:
      Could not load database configuration. No such file - ["config/database.yml"]
    • Tried few things to resolve it and got another error related to secrets.yml:

      Missing Rails.application.secrets.secret_key_base for development environment. The secret will be generated and stored in config/secrets.yml.
      Missing Rails.application.secrets.otp_key_base for development environment. The secret will be generated and stored in config/secrets.yml.
      Missing Rails.application.secrets.db_key_base for development environment. The secret will be generated and stored in config/secrets.yml.
      Missing Rails.application.secrets.openid_connect_signing_key for development environment. The secret will be generated and stored in config/secrets.yml.
      rake aborted!

      The config/secrets.yml already exists with all the mentioned keys. Not sure, why it's not working.

    • @harshitprasad This look weird as this command works fine for me locally, can you try setting up a clean GDK again and retry the command? You can also use Gitpod for development. In case this doesn't work then I will try run the command and push the changes. What do you think?

    • Please register or sign in to reply
  • 3 3 module Audit
    4 4 class ProjectChangesAuditor < BaseChangesAuditor
    5 5 def execute
    6 audit_changes(:avatar, as: 'avatar', model: model, event_type: 'project_avatar_updated')
    • Suggestion: Should we also write RSpecs for testing this change?

    • Yeah sure absolutely! Will try to write a rspec for this one.

    • Added rspec 👍🏻

    • The RSpecs that have been added failed in this job. Can you please take a look and fix them?

      RSpec failure logs
      Audit::ProjectChangesAuditor
        # order random
        .audit_changes
          audit changes
            when project avatar is updated
              behaves like project_audit_events_from_to
                calls auditor (FAILED - 1)
                  
      1st Try error in ./ee/spec/lib/audit/project_changes_auditor_spec.rb:39:
      #<Gitlab::Audit::Auditor (class)> received :audit with unexpected arguments
        expected: ({:additional_details=>{:change=>"avatar", :from=>"interesting avatar", :target_details=>"group1/inter...>>, :target=>#<Project id:169 group1/interesting-path>>, :target_details=>"group1/interesting-path"})
             got: ({:additional_details=>{:change=>"avatar", :from=>nil, :target_details=>"group1/interesting-path", :to...>>, :target=>#<Project id:169 group1/interesting-path>>, :target_details=>"group1/interesting-path"})
      Diff:
      @@ -1,10 +1,10 @@
       [{:additional_details=>
          {:change=>"avatar",
      -    :from=>"interesting avatar",
      +    :from=>nil,
           :target_details=>"group1/interesting-path",
      -    :to=>"super cool avatar"},
      +    :to=>nil},
         :author=>#<User id:131 @user1>,
      -  :message=>"Changed avatar from interesting avatar to super cool avatar",
      +  :message=>"Changed avatar",
         :name=>"project_avatar_updated",
         :scope=>#<Project id:169 group1/interesting-path>>,
         :target=>#<Project id:169 group1/interesting-path>>,
    • Please register or sign in to reply
  • Thanks for working on this @harshitprasad, I've added a few comments, can you please take a look at those and ping me when ready for another review?

  • Huzaifa Iftikhar removed review request for @huzaifaiftikhar1

    removed review request for @huzaifaiftikhar1

  • Harshit Prasad added 1 commit

    added 1 commit

    • 453ceb8b - Added rspec for project avatar update audit event

    Compare with previous version

  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Please register or sign in to reply
    Loading