Add audit events for SD Exclusions on create, update and delete (!167943) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

This merge request adds audit events for SD Exclusions when an exclusion is created, updated, or deleted.

I have evaluated this MR against the MR acceptance checklist.

To test the exclusions work as expected, select a project that exist already in your GDK or create a new one.
Find the project id for the project you have chosen or just created.
Make sure secret push protection is enabled for the project.
- Enable pre_receive_secret_detection_push_check FF for the project from Rails console (if not enabled already).
Ensure to enable the secret_detection_project_level_exclusions FF for the project from Rails console.

> project = Project.find(PROJECT_ID)

> Feature.enable(:secret_detection_project_level_exclusions, project)

Navigate to secret detection configuration page: PROJECT_PATH/-/security/configuration/secret_detection.
Under Exclusions tab, create a new exclusion.
Navigate to Secure > Audit Events from the sidebar.
Validate that a new audit event was created for the exclusion.
Go back to secret detection configuration page, update the exclusion, repeat the validation step above.
Delete the exclusion, repeat the validation step above again.

Edited Oct 03, 2024 by Ahmed Hemdan