Skip to content

Audit group modifications to CI_JOB_TOKEN

What does this MR do and why?

Audit group modifications to CI_JOB_TOKEN

This add audit logging for modifications (additions, removals) of groups in the CI_JOB_TOKEN allow list, bringing these in line with project modifications to the same list.

Resolves: #467840 (closed)

Signed-off-by: Alexander Scheel <ascheel@gitlab.com>

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist.

It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

How to set up and validate locally

  1. Visit the CI/CD page of a project (flightjs/Flight/-/settings/ci_cd).
  2. Add or remove a group from the "Job Token Permissions" section.
  3. Check audit events for new records.

Merge request reports

Loading