Add audit events for SD Exclusions on create, update and delete
What does this MR do and why?
This merge request adds audit events for SD Exclusions when an exclusion is created, updated, or deleted.
Resolves #492464 (closed).
MR acceptance checklist
I have evaluated this MR against the MR acceptance checklist.
Screenshots or screen recordings
How to set up and validate locally
- To test the exclusions work as expected, select a project that exist already in your GDK or create a new one.
- Find the project id for the project you have chosen or just created.
- Make sure secret push protection is enabled for the project.
- Enable
pre_receive_secret_detection_push_check
FF for the project from Rails console (if not enabled already).
- Enable
- Ensure to enable the
secret_detection_project_level_exclusions
FF for the project from Rails console.
> project = Project.find(PROJECT_ID)
> Feature.enable(:secret_detection_project_level_exclusions, project)
- Navigate to secret detection configuration page:
PROJECT_PATH/-/security/configuration/secret_detection
. - Under
Exclusions
tab, create a new exclusion. - Navigate to Secure > Audit Events from the sidebar.
- Validate that a new audit event was created for the exclusion.
- Go back to secret detection configuration page, update the exclusion, repeat the validation step above.
- Delete the exclusion, repeat the validation step above again.
Edited by Ahmed Hemdan