Skip to content

Create audit events when deployments are approved or rejected

Tiger Watson requested to merge 456685-deployment-audit-events into master

What does this MR do and why?

Adds two new audit event types, deployment_approved and deployment_rejected.

Events for these types are created whenever a deployment is approved or rejected (including when an existing approval is updated).

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Screenshot_2024-05-20_at_10.04.52_AM

How to set up and validate locally

  1. Create a project, and follow configure deployment approvals to set up a protected environment that requires approval.
  2. Start a pipeline, which should go into a waiting state.
  3. From the waiting job, click through to the approvals page and approve or reject the deployment.
  4. Visit admin -> monitoring -> audit events and see that an event has been logged for the approval/rejection.

Related to #456685 (closed)

Edited by Tiger Watson

Merge request reports