Audit API access to group and project variables
What does this MR do and why?
Implements #555960 (closed)
This addresses a key security/compliance gap by ensuring all access to sensitive CI/CD variable values is auditable, supporting zero-trust and regulated environments.
References
How to set up and validate locally
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Edited by Manuel Grabowski