Audit Events for ai catalog agents

Jaydip Pansuriyarequested to merge
566901-audit-events-for-ai-catalog-agents into master

What does this MR do and why?

This merge request adds audit logging functionality for AI catalog agents in GitLab. When users create, update, delete, enable, or disable AI agents, the system now automatically records detailed audit events that track what happened, who did it, and when it occurred.

The changes include creating five new audit event types and building a service that generates human-readable messages describing the specific actions taken. For example, when someone creates an AI agent, the audit log will show details like "Created a new private AI agent with tools: [gitlab_blob_search, ci_linter]" along with version information.

Issue: #566901 (closed)

References

Screenshots or screen recordings

Before After

How to set up and validate locally

  1. Enable global_ai_catalog Feature flag.

  2. Create an new agent from Explore > Ai Catalog > Agents

  3. Go to project for which you have created agent. Let's say you created agent on Gitlab Duo > test project. Then go to Project audit event page of the project. Secure > Audit events (url: http://gdk.test:3000/gitlab-duo/test/-/audit_events)

  4. You will be able to see 3 audit event for creation as showing in below image. 1st and 2nd are related to new agent creation while 3rd is for agent is enabled in the project. image

  5. Update above created agent's visibility, system prompt and add some 1 tools and remove 2 tools. You will see there will be 3 audit event as below. 1) New draft version 2.0.0 is created when agent version got update. 2) Visibility change. 3) Agent tools added and remove some existing tools, system prompt changed.

image

  1. Go to agent and enable it for different project (Typeahead.js). You need to go to that project's audit event and you will see audit event related to agent enabled in the project.

image

  1. Go to this project (Typeahead.js) > Automate > Agents and from here remove this Issue planner agent. New audit event will trigger.

image

  1. Go to Explore > Ai catalog > Agents > Issue planner, delete this agent, you will see audit event in project Gitlab Duo/Test

image

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #566901 (closed)

Edited by Jaydip Pansuriya

Merge request reports