Audit-log Gitea MCP mutating actions with execution profile metadata #18

Closed
opened 2026-07-01 11:16:21 -05:00 by jcwalker3 · 1 comment
Owner

Parent

Roadmap #10 — Task-scoped MCP execution profiles for LLM-operated Gitea workflows

Problem

When LLMs perform workflow actions, audit logs must show which MCP profile and authenticated Gitea user performed each mutation.

Scope

Define and implement audit logging for Gitea MCP mutating actions.

Audit events should include:

  • timestamp
  • repository
  • issue or PR number
  • action type
  • active profile name
  • authenticated username
  • target branch, where applicable
  • PR head SHA, where applicable
  • result: allowed, blocked, failed, succeeded
  • reason for block/failure
  • redacted request metadata

Mutating actions to audit

  • create issue
  • comment issue
  • update issue
  • create PR
  • comment PR
  • approve PR
  • request changes
  • merge PR
  • close/reopen issue
  • label/unlabel issue

Acceptance criteria

  • Mutating actions emit audit records.
  • Audit records include profile and authenticated username.
  • Secrets/tokens are redacted.
  • Blocked actions are logged.
  • Failed eligibility checks are logged.
  • Existing Gitea MCP behavior is not broken.

Non-goals

  • Do not log raw tokens.
  • Do not log authorization headers.
  • Do not add Jenkins/Ops/deploy behavior.
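One way the audit record and the redaction rule above could fit together, as an added example rather than code from the Gitea-Tools project: the field names, the set of sensitive keys, and the `[REDACTED]` marker are assumptions for illustration.

```python
import json
import re
from datetime import datetime, timezone

# Metadata keys whose values must never reach the log (constructed set; extend per deployment).
SENSITIVE_KEYS = {"authorization", "cookie", "token", "access_token", "password"}
# Gitea accepts "Authorization: token <tok>"; "Bearer <tok>" is masked too, wherever it appears.
CREDENTIAL_RE = re.compile(r"(?i)\b(bearer|token)\s+\S+")
RESULTS = {"allowed", "blocked", "failed", "succeeded"}


def redact(meta):
    """Recursively copy request metadata, masking sensitive keys and credential-shaped strings.

    Commit SHAs are deliberately left alone: the PR head SHA is a first-class audit field."""
    if isinstance(meta, dict):
        return {k: "[REDACTED]" if k.lower() in SENSITIVE_KEYS else redact(v)
                for k, v in meta.items()}
    if isinstance(meta, list):
        return [redact(v) for v in meta]
    if isinstance(meta, str):
        return CREDENTIAL_RE.sub(lambda m: f"{m.group(1)} [REDACTED]", meta)
    return meta


def audit_record(*, repo, action, profile, user, result, number=None, branch=None,
                 head_sha=None, reason=None, request=None, now=None):
    """Build one audit event for a mutating Gitea MCP action (field names are assumptions)."""
    if result not in RESULTS:
        raise ValueError(f"unknown result {result!r}")
    if result in ("blocked", "failed") and not reason:
        raise ValueError("blocked/failed events must record a reason")
    return {
        "timestamp": (now or datetime.now(timezone.utc)).isoformat(),
        "repository": repo,
        "number": number,            # issue or PR number, where applicable
        "action": action,            # e.g. "merge PR"
        "profile": profile,          # active MCP execution profile
        "user": user,                # authenticated Gitea username
        "target_branch": branch,
        "head_sha": head_sha,
        "result": result,
        "reason": reason,            # why the action was blocked or failed
        "request": redact(request or {}),
    }


def emit(record):
    """Serialise one event as a single JSON line; the unredacted request is never passed here."""
    return json.dumps(record, sort_keys=True)
```

Emitting only the dict returned by `audit_record` keeps the "no raw tokens, no authorization headers" non-goals enforced at one choke point rather than at every call site.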

Proposed labels

mcp · gitea · audit · security · mutating

jcwalker3 added the mcp, security, gitea, mutating labels 2026-07-01 11:28:33 -05:00
jcwalker3 added the status:in-progress label 2026-07-01 21:07:43 -05:00
Author
Owner

Claimed. Starting implementation.

Planned branch: feat/issue-18-audit-log-mutating-actions (from latest master).

Scope: audit logging for Gitea MCP mutating actions per acceptance criteria (timestamp, repo, issue/PR, action, profile, authenticated username, result, redacted metadata). Secrets/tokens redacted; no Jenkins/Ops/deploy behavior.

sysadmin removed the status:in-progress label 2026-07-02 01:31:14 -05:00
Reference: Scaled-Tech-Consulting/Gitea-Tools#18