Audit group modifications to CI_JOB_TOKEN
What does this MR do and why?
Audit group modifications to CI_JOB_TOKEN
This add audit logging for modifications (additions, removals) of groups in the CI_JOB_TOKEN allow list, bringing these in line with project modifications to the same list.
Resolves: #467840 (closed)
Signed-off-by: Alexander Scheel <ascheel@gitlab.com>
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist.
It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
How to set up and validate locally
- Visit the CI/CD page of a project (
flightjs/Flight/-/settings/ci_cd
). - Add or remove a group from the "Job Token Permissions" section.
- Check audit events for new records.