From 05f30ac6bbb5c6f5dcc7fb045bb8761434290367 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Wed, 9 Jan 2019 22:50:51 -0800
Subject: [PATCH] Disable audit event logging for pipeline destruction

AuditEventService isn't equipped to handle logging of the destruction of
entities such as CI pipelines. It's a project-level event that operates
on a pipeline. The current log doesn't even indicate that the pipeline
is being destroyed.

This is a CE backport of
https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/9105.  We're
removing the auditing call because it breaks the EE implementation.
---
 app/services/ci/destroy_pipeline_service.rb       | 2 --
 spec/requests/api/pipelines_spec.rb               | 4 ++--
 spec/services/ci/destroy_pipeline_service_spec.rb | 4 ++--
 3 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/app/services/ci/destroy_pipeline_service.rb b/app/services/ci/destroy_pipeline_service.rb
index 13f892aabb8..5c4a34043c1 100644
--- a/app/services/ci/destroy_pipeline_service.rb
+++ b/app/services/ci/destroy_pipeline_service.rb
@@ -5,8 +5,6 @@ module Ci
     def execute(pipeline)
       raise Gitlab::Access::AccessDeniedError unless can?(current_user, :destroy_pipeline, pipeline)
 
-      AuditEventService.new(current_user, pipeline).security_event
-
       pipeline.destroy!
     end
   end
diff --git a/spec/requests/api/pipelines_spec.rb b/spec/requests/api/pipelines_spec.rb
index eb002de62a2..52599db9a9e 100644
--- a/spec/requests/api/pipelines_spec.rb
+++ b/spec/requests/api/pipelines_spec.rb
@@ -456,8 +456,8 @@ describe API::Pipelines do
         expect(json_response['message']).to eq '404 Not found'
       end
 
-      it 'logs an audit event' do
-        expect { delete api("/projects/#{project.id}/pipelines/#{pipeline.id}", owner) }.to change { SecurityEvent.count }.by(1)
+      it 'does not log an audit event' do
+        expect { delete api("/projects/#{project.id}/pipelines/#{pipeline.id}", owner) }.not_to change { SecurityEvent.count }
       end
 
       context 'when the pipeline has jobs' do
diff --git a/spec/services/ci/destroy_pipeline_service_spec.rb b/spec/services/ci/destroy_pipeline_service_spec.rb
index 097daf67feb..d896f990470 100644
--- a/spec/services/ci/destroy_pipeline_service_spec.rb
+++ b/spec/services/ci/destroy_pipeline_service_spec.rb
@@ -17,8 +17,8 @@ describe ::Ci::DestroyPipelineService do
       expect { pipeline.reload }.to raise_error(ActiveRecord::RecordNotFound)
     end
 
-    it 'logs an audit event' do
-      expect { subject }.to change { SecurityEvent.count }.by(1)
+    it 'does not log an audit event' do
+      expect { subject }.not_to change { SecurityEvent.count }
     end
 
     context 'when the pipeline has jobs' do