Audit when job token is used for authentication

What does this MR do and why?

Audit when job token is used for authentication

This commit adds an audit event when a job token is used for authentication.

EE: true
Changelog: added

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

How to set up and validate locally

  1. Set up a streaming audit event destination: https://docs.gitlab.com/ee/administration/audit_event_streaming/#http-destinations
  2. Create a pipeline with the template below:

     stages:
       - debug

     print-token-and-wait:
       stage: debug
       script:
         - echo "The job will now wait for 10 minutes. You can use the CI_JOB_TOKEN during this time to make API calls."
         - sleep 600

  3. To get the CI job token, open a Rails console and type: Ci::Build.last.token
  4. Use this token to call GitLab APIs. For testing I used:

     curl --header "JOB-TOKEN: YOUR_TOKEN_HERE" "{{gdk_base_url}}/api/v4/job"

  5. Check the streamed audit event.
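Step 1 needs an HTTP destination that can receive the streamed event, and step 5 needs a way to inspect what arrived. The following receiver is an added example for local validation; it is not part of this MR or of GitLab's code. It assumes the destination verification token is presented in the X-Gitlab-Event-Streaming-Token header (the placeholder value must be replaced with the token shown for the destination), and the sample payload is constructed: the event_type name emitted by this MR is not given in the description, so the sample uses a clearly labelled placeholder.

```python
"""Minimal HTTP destination for GitLab streamed audit events (added example).

Run it, point a streaming destination at http://127.0.0.1:8000/, then make the
JOB-TOKEN API call; every received event is checked and summarised on stdout.
"""
import hmac
import json
from http.server import BaseHTTPRequestHandler, HTTPServer
from typing import Optional

# Placeholder: replace with the verification token GitLab shows for the destination.
EXPECTED_STREAMING_TOKEN = "REPLACE_WITH_DESTINATION_VERIFICATION_TOKEN"


def token_is_valid(presented: Optional[str], expected: str = EXPECTED_STREAMING_TOKEN) -> bool:
    """Compare the presented destination token in constant time."""
    if presented is None:
        return False
    return hmac.compare_digest(presented.encode(), expected.encode())


def summarize_audit_event(payload: bytes) -> dict:
    """Parse one streamed audit event and return the fields worth checking.

    Raises ValueError when the body is not a JSON object, so a malformed or
    non-audit POST is rejected instead of being logged as an event.
    """
    try:
        event = json.loads(payload)
    except json.JSONDecodeError as exc:
        raise ValueError(f"audit event body is not JSON: {exc}") from exc
    if not isinstance(event, dict):
        raise ValueError("audit event body must be a JSON object")
    return {
        "event_type": event.get("event_type"),
        "author": event.get("author_name"),
        "entity": f"{event.get('entity_type')}:{event.get('entity_id')}",
        "ip_address": event.get("ip_address"),
        "details": event.get("details", {}),
    }


class AuditEventHandler(BaseHTTPRequestHandler):
    """Accept POSTed audit events, verify the destination token, print a summary."""

    def do_POST(self):
        if not token_is_valid(self.headers.get("X-Gitlab-Event-Streaming-Token")):
            self.send_response(401)
            self.end_headers()
            return
        length = int(self.headers.get("Content-Length", "0"))
        body = self.rfile.read(length)
        try:
            summary = summarize_audit_event(body)
        except ValueError:
            self.send_response(400)
            self.end_headers()
            return
        print(json.dumps(summary, indent=2))
        self.send_response(200)
        self.end_headers()

    def log_message(self, *args):
        # Keep stdout limited to the event summaries.
        pass


# Constructed sample payload for offline testing; the real event_type name for
# job token authentication is not stated in the MR, hence the placeholder.
SAMPLE_EVENT = json.dumps({
    "event_type": "PLACEHOLDER_job_token_authentication",
    "author_name": "Administrator",
    "entity_type": "Project",
    "entity_id": 1,
    "ip_address": "127.0.0.1",
    "details": {"custom_message": "constructed sample event"},
}).encode()


if __name__ == "__main__":
    print(json.dumps(summarize_audit_event(SAMPLE_EVENT), indent=2))
    HTTPServer(("127.0.0.1", 8000), AuditEventHandler).serve_forever()
```

Once the receiver is running and the destination is registered, repeat the curl call from step 4 and confirm that a summary with the expected event_type and author appears; a 401 on the receiver means the destination token does not match, a 400 means the body was not a JSON object.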

Related to #481325

Edited by Harsimar Sandhu
