Add auditing of runner token reset operations
What does this MR do and why?
Describe in detail what your merge request does and why.
This MR adds auditing to the Ci::Runners::ResetRegistrationTokenService
class. It does so by adding an EE version of ResetRegistrationTokenService
and a supporting RunnersTokenAuditEventService
class to allow creating audit log entries related to runner registration token changes.
NOTE: I have used the User
model as the entity when resetting the runners token in ApplicationSetting
because ApplicationSetting
doesn't define #full_path
(among other required properties), causing a crash in https://gitlab.com/gitlab-org/gitlab/blob/pedropombeiro%2F355637%2Flog-token-reset/ee/app/services/ee/audit_event_service.rb#L294-294. Not sure if there's a better approach?
Screenshots or screen recordings
These are strongly recommended to assist reviewers and reduce the time to merge your change.
Screenshots |
---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
- Visit http://gdk.test:3000/admin/runners
- Click the
Register an instance runner
button and thenReset registration token
under it. - Visit http://gdk.test:3000/admin/audit_logs, a new log entry should be visible describing the action taken.
- Visit a group runners settings page, e.g. http://gdk.test:3000/groups/gitlab-instance-80acc125/-/runners.
- Click the
Register a group runner
button and thenReset registration token
under it. - Visit http://gdk.test:3000/admin/audit_logs, a new log entry should be visible describing the action taken.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Closes #355637 (closed)