It's quite easy to impersonate another user in Gitlab. See this topic for more details.
It's possible to find out which user performed a push by examining "Activity" log of a repository. But for audit purposes I'd also like to know the IP address from which the push was done. Is it possible in Gitlab CE/EE?
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
