Event type information in deploy key audit event

EE: true
Changelog: added

app/models/deploy_key.rb

@@ -40,6 +40,10 @@ def user
     super || User.ghost
   end
 
+  def audit_details
+    title
+  end
+
   def has_access_to?(project)
     deploy_keys_project_for(project).present?
   end

ee/app/services/ee/deploy_keys/create_service.rb

@@ -9,16 +9,24 @@ module CreateService
       def execute(project: nil)
         super.tap do |key|
           if project && key.persisted?
-            log_audit_event(key.title, project, action: :create)
+            log_audit_event(key, project)
           end
         end
       end
 
       private
 
-      def log_audit_event(key_title, project, options = {})
-        ::AuditEventService.new(user, project, options)
-          .for_deploy_key(key_title).security_event
+      def log_audit_event(key, project)
+        audit_context = {
+          name: 'deploy_key_added',
+          author: user,
+          scope: project,
+          target: key,
+          message: "Added deploy key",
+          additional_details: { add: "deploy_key" }
+        }
+
+        ::Gitlab::Audit::Auditor.audit(audit_context)
       end
     end
   end

ee/app/services/ee/projects/disable_deploy_key_service.rb

@@ -9,14 +9,22 @@ def execute
     super.tap do |deploy_key_project|
       break unless deploy_key_project
 
-      log_audit_event(deploy_key_project.deploy_key.title, action: :destroy)
+      log_audit_event(deploy_key_project.deploy_key)
     end
   end
 
   private
 
-  def log_audit_event(key_title, options = {})
-    AuditEventService.new(current_user, project, options)
-      .for_deploy_key(key_title).security_event
+  def log_audit_event(key)
+    audit_context = {
+      name: 'deploy_key_removed',
+      author: current_user,
+      scope: project,
+      target: key,
+      message: "Removed deploy key",
+      additional_details: { remove: "deploy_key" }
+    }
+
+    ::Gitlab::Audit::Auditor.audit(audit_context)
   end
 end

ee/app/services/ee/projects/enable_deploy_key_service.rb

@@ -9,14 +9,22 @@ def execute
     super.tap do |key|
       break unless key
 
-      log_audit_event(key.title, action: :create)
+      log_audit_event(key)
     end
   end
 
   private
 
-  def log_audit_event(key_title, options = {})
-    AuditEventService.new(current_user, project, options)
-      .for_deploy_key(key_title).security_event
+  def log_audit_event(key)
+    audit_context = {
+      name: 'deploy_key_added',
+      author: current_user,
+      scope: project,
+      target: key,
+      message: "Added deploy key",
+      additional_details: { add: "deploy_key" }
+    }
+
+    ::Gitlab::Audit::Auditor.audit(audit_context)
   end
 end

ee/spec/services/deploy_keys/create_service_spec.rb

+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe DeployKeys::CreateService do
+  let_it_be(:group) { create(:group) }
+  let_it_be(:destination) { create(:external_audit_event_destination, group: group) }
+  let_it_be(:project) { create(:project, :repository, group: group) }
+  let_it_be(:user) { create(:user) }
+  let_it_be(:params) { attributes_for(:deploy_key) }
+
+  subject { described_class.new(user, params).execute(project: project) }
+
+  before do
+    stub_licensed_features(audit_events: true, external_audit_events: true)
+  end
+
+  it "creates a deploy key" do
+    expect { subject }.to change { DeployKey.where(params.merge(user: user)).count }.by(1)
+  end
+
+  it 'records an audit event', :aggregate_failures do
+    expect { subject }.to change { AuditEvent.count }.by(1)
+    audit_event = AuditEvent.last
+
+    expect(audit_event.author_id).to eq(user.id)
+    expect(audit_event.entity_id).to eq(project.id)
+    expect(audit_event.entity_type).to eq(project.class.name)
+    expect(audit_event.details).to include({
+                                             add: "deploy_key",
+                                             author_name: user.name,
+                                             custom_message: "Added deploy key",
+                                             target_details: params[:title],
+                                             target_type: "DeployKey"
+                                           })
+  end
+
+  it_behaves_like 'sends correct event type in audit event stream' do
+    let_it_be(:event_type) { "deploy_key_added" }
+  end
+end

ee/spec/services/projects/disable_deploy_key_service_spec.rb

+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Projects::DisableDeployKeyService do
+  let_it_be(:group) { create(:group) }
+  let_it_be(:destination) { create(:external_audit_event_destination, group: group) }
+  let_it_be(:deploy_key) { create(:deploy_key) }
+  let_it_be(:project) { create(:project, group: group) }
+  let_it_be(:deploy_key_project) { create(:deploy_keys_project, project: project, deploy_key: deploy_key) }
+  let_it_be(:user) { project.creator }
+  let_it_be(:params) { { id: deploy_key.id } }
+
+  let_it_be(:service) { described_class.new(project, user, params) }
+
+  before do
+    stub_licensed_features(audit_events: true, external_audit_events: true)
+  end
+
+  it 'records an audit event' do
+    expect { service.execute }.to change { AuditEvent.count }.by(1)
+
+    audit_event = AuditEvent.last
+
+    expect(audit_event.author_id).to eq(user.id)
+    expect(audit_event.entity_id).to eq(project.id)
+    expect(audit_event.entity_type).to eq(project.class.name)
+    expect(audit_event.details).to include({
+                                             remove: "deploy_key",
+                                             author_name: user.name,
+                                             custom_message: "Removed deploy key",
+                                             target_details: deploy_key.title,
+                                             target_type: "DeployKey"
+                                           })
+  end
+
+  it_behaves_like 'sends correct event type in audit event stream' do
+    let(:subject) { service.execute }
+
+    let_it_be(:event_type) { "deploy_key_removed" }
+  end
+end

ee/spec/services/projects/enable_deploy_key_service_spec.rb

+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Projects::EnableDeployKeyService do
+  let_it_be(:group) { create(:group) }
+  let_it_be(:destination) { create(:external_audit_event_destination, group: group) }
+  let_it_be(:deploy_key) { create(:deploy_key, public: true) }
+  let_it_be(:project) { create(:project, group: group) }
+  let_it_be(:user) { project.creator }
+  let_it_be(:params) { { key_id: deploy_key.id } }
+
+  let_it_be(:service) { described_class.new(project, user, params) }
+
+  before do
+    stub_licensed_features(audit_events: true, external_audit_events: true)
+  end
+
+  it 'records an audit event' do
+    expect { service.execute }.to change { AuditEvent.count }.by(1)
+
+    audit_event = AuditEvent.last
+
+    expect(audit_event.author_id).to eq(user.id)
+    expect(audit_event.entity_id).to eq(project.id)
+    expect(audit_event.entity_type).to eq(project.class.name)
+    expect(audit_event.details).to include({
+                                             add: "deploy_key",
+                                             author_name: user.name,
+                                             custom_message: "Added deploy key",
+                                             target_details: deploy_key.title,
+                                             target_type: "DeployKey"
+                                           })
+  end
+
+  it_behaves_like 'sends correct event type in audit event stream' do
+    let(:subject) { service.execute }
+
+    let_it_be(:event_type) { "deploy_key_added" }
+  end
+end

spec/models/deploy_key_spec.rb

@@ -146,4 +146,10 @@
       end
     end
   end
+
+  describe '#audit_details' do
+    it "equals to the key's title" do
+      expect(subject.audit_details).to eq(subject.title)
+    end
+  end
 end