Create audit events for container repository destruction (!152967) · Merge requests · GitLab.org / GitLab

Aaron Huntsman requested to merge 362290-container-registry-audit-events into master May 14, 2024

What does this MR do and why?

Creates the container_repository_deletion_marked audit event, to be logged whenever a project's container registry is marked for deletion. This may happen by the user manually deleting a repository in the UI, or via API.

Creates the container_repository_deleted audit event, to be logged when ContainerRegistry::DeleteContainerRepositoryWorker destroys a repository marked for deletion.

How to set up and validate locally

Create a project
Build and push a container image to the repository as described here.
Check Deploy > Container Registry for that project, and find the new repository (it may take a few minutes to appear).
Click the Delete icon on the right for the new repository.
Verify an audit event is created for the deletion being marked. Another event should be created when the repository is deleted on schedule.

For GraphQL

Repeat steps 1-3 as above.
Run a deleteContainerRepository mutation in the GraphQL explorer. The query will look something like this:

mutation {
  destroyContainerRepository(input:{ id: "gid://gitlab/ContainerRepository/4" }) {
    containerRepository {
      name
    }
  }
}

Verify audit events as above.

Related to #362290

Edited May 29, 2024 by Aaron Huntsman

Create audit events for container repository destruction

What does this MR do and why?

How to set up and validate locally

For GraphQL

Merge request reports