Merge branch 'michold-migrate-deploy-token-events' into 'master'

Migrate deploy token events

See merge request gitlab-org/gitlab!179408



Merged-by: Adie (she/her) <avpfestin@gitlab.com>
Approved-by: Adie (she/her) <avpfestin@gitlab.com>
Reviewed-by: Adie (she/her) <avpfestin@gitlab.com>
Co-authored-by: michold <mwielich@gitlab.com>

app/models/container_registry/event.rb

@@ -10,6 +10,7 @@ class Event
     DELETE_ACTION = 'delete'
     EVENT_TRACKING_CATEGORY = 'container_registry:notification'
     EVENT_PREFIX = 'i_container_registry'
+    INTERNAL_EVENTS_ORIGINATORS = %w[deploy_token].freeze
 
     ALLOWED_ACTOR_TYPES = %w[
       personal_access_token
@@ -53,7 +54,13 @@ def track!
         track_internal_event("delete_manifest_from_container_registry", project: project)
       else
         event = usage_data_event_for(tracking_action)
-        ::Gitlab::UsageDataCounters::HLLRedisCounter.track_event(event, values: originator.id) if event
+        return unless event
+
+        if originator_suffix.in? INTERNAL_EVENTS_ORIGINATORS
+          track_internal_event(event, additional_properties: { property: originator.id.to_s })
+        else
+          ::Gitlab::UsageDataCounters::HLLRedisCounter.track_event(event, values: originator.id)
+        end
       end
     end
 

config/events/i_container_registry_create_repository_deploy_token.yml

+---
+description: Tracks when a repository in container registry is created using a deploy token
+internal_events: true
+action: i_container_registry_create_repository_deploy_token
+identifiers:
+product_group: container_registry
+milestone: '17.10'
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/179408
+tiers:
+- free
+- premium
+- ultimate
+additional_properties:
+  property:
+    description: Id of the deploy token used for authorization

config/events/i_container_registry_delete_repository_deploy_token.yml

+---
+description: Tracks when a repository in container registry is deleted using a deploy token
+internal_events: true
+action: i_container_registry_delete_repository_deploy_token
+identifiers:
+product_group: container_registry
+milestone: '17.10'
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/179408
+tiers:
+- free
+- premium
+- ultimate
+additional_properties:
+  property:
+    description: Id of the deploy token used for authorization

config/events/i_container_registry_delete_tag_deploy_token.yml

+---
+description: Tracks when a tag in container registry is deleted using a deploy token
+internal_events: true
+action: i_container_registry_delete_tag_deploy_token
+identifiers:
+product_group: container_registry
+milestone: '17.10'
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/179408
+tiers:
+- free
+- premium
+- ultimate
+additional_properties:
+  property:
+    description: Id of the deploy token used for authorization

config/events/i_container_registry_push_repository_deploy_token.yml

+---
+description: Tracks when a repository in container registry is pushed using a deploy token
+internal_events: true
+action: i_container_registry_push_repository_deploy_token
+identifiers:
+product_group: container_registry
+milestone: '17.10'
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/179408
+tiers:
+- free
+- premium
+- ultimate
+additional_properties:
+  property:
+    description: Id of the deploy token used for authorization

config/events/i_container_registry_push_tag_deploy_token.yml

+---
+description: Tracks when a tag in container registry is pushed using a deploy token
+internal_events: true
+action: i_container_registry_push_tag_deploy_token
+identifiers:
+product_group: container_registry
+milestone: '17.10'
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/179408
+tiers:
+- free
+- premium
+- ultimate
+additional_properties:
+  property:
+    description: Id of the deploy token used for authorization

config/metrics/counts_all/20231223170002_i_container_registry_push_repository_deploy_token.yml

@@ -9,12 +9,11 @@ introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/131966
 time_frame:
 - 28d
 - 7d
-data_source: redis_hll
+data_source: internal_events
 data_category: optional
-instrumentation_class: RedisHLLMetric
-options:
-  events:
-  - i_container_registry_push_repository_deploy_token
+events:
+- name: i_container_registry_push_repository_deploy_token
+  unique: property
 performance_indicator_type: []
 tiers:
 - free

config/metrics/counts_all/20231227165432_i_container_registry_push_tag_deploy_token.yml

@@ -9,12 +9,11 @@ introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/131966
 time_frame:
 - 28d
 - 7d
-data_source: redis_hll
+data_source: internal_events
 data_category: optional
-instrumentation_class: RedisHLLMetric
-options:
-  events:
-  - i_container_registry_push_tag_deploy_token
+events:
+- name: i_container_registry_push_tag_deploy_token
+  unique: property
 performance_indicator_type: []
 tiers:
 - free

config/metrics/counts_all/20231227165706_i_container_registry_delete_tag_deploy_token.yml

@@ -9,12 +9,11 @@ introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/131966
 time_frame:
 - 28d
 - 7d
-data_source: redis_hll
+data_source: internal_events
 data_category: optional
-instrumentation_class: RedisHLLMetric
-options:
-  events:
-  - i_container_registry_delete_tag_deploy_token
+events:
+- name: i_container_registry_delete_tag_deploy_token
+  unique: property
 performance_indicator_type: []
 tiers:
 - free

config/metrics/counts_all/20231227170213_i_container_registry_delete_repository_deploy_token.yml

@@ -9,12 +9,11 @@ introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/131966
 time_frame:
 - 28d
 - 7d
-data_source: redis_hll
+data_source: internal_events
 data_category: optional
-instrumentation_class: RedisHLLMetric
-options:
-  events:
-  - i_container_registry_delete_repository_deploy_token
+events:
+- name: i_container_registry_delete_repository_deploy_token
+  unique: property
 performance_indicator_type: []
 tiers:
 - free

config/metrics/counts_all/20231227170547_i_container_registry_create_repository_deploy_token.yml

@@ -9,12 +9,11 @@ introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/131966
 time_frame:
 - 28d
 - 7d
-data_source: redis_hll
+data_source: internal_events
 data_category: optional
-instrumentation_class: RedisHLLMetric
-options:
-  events:
-  - i_container_registry_create_repository_deploy_token
+events:
+- name: i_container_registry_create_repository_deploy_token
+  unique: property
 performance_indicator_type: []
 tiers:
 - free

lib/gitlab/usage_data_counters/hll_redis_key_overrides.yml

@@ -176,3 +176,8 @@ visit_ci_cd_time_to_restore_service_tab-user: p_analytics_ci_cd_time_to_restore_
 visit_compliance_credential_inventory-user: i_compliance_credential_inventory
 commit_change_to_ciconfigfile-user: o_pipeline_authoring_unique_users_committing_ciconfigfile
 performed_wiki_action-user: wiki_action
+i_container_registry_create_repository_deploy_token-property: i_container_registry_create_repository_deploy_token
+i_container_registry_delete_repository_deploy_token-property: i_container_registry_delete_repository_deploy_token
+i_container_registry_delete_tag_deploy_token-property: i_container_registry_delete_tag_deploy_token
+i_container_registry_push_repository_deploy_token-property: i_container_registry_push_repository_deploy_token
+i_container_registry_push_tag_deploy_token-property: i_container_registry_push_tag_deploy_token

lib/gitlab/usage_data_counters/hll_redis_legacy_events.yml

@@ -169,15 +169,10 @@
 - i_code_review_widget_nothing_merge_click_new_file
 - i_compliance_audit_events
 - i_compliance_credential_inventory
-- i_container_registry_create_repository_deploy_token
 - i_container_registry_create_repository_user
-- i_container_registry_delete_repository_deploy_token
 - i_container_registry_delete_repository_user
-- i_container_registry_delete_tag_deploy_token
 - i_container_registry_delete_tag_user
-- i_container_registry_push_repository_deploy_token
 - i_container_registry_push_repository_user
-- i_container_registry_push_tag_deploy_token
 - i_container_registry_push_tag_user
 - i_ecosystem_jira_service_close_issue
 - i_ecosystem_jira_service_create_issue

spec/models/container_registry/event_spec.rb

@@ -137,6 +137,16 @@
       end
     end
 
+    shared_examples 'tracking an internal event' do
+      it 'sends a tracking event' do
+        event_name = "i_container_registry_#{event}_deploy_token"
+        expect { subject }
+          .to trigger_internal_events(event_name)
+          .with(additional_properties: { property: originator.id.to_s })
+          .exactly(count).time
+      end
+    end
+
     shared_examples 'event originator is fetched based on ID' do |originator_class|
       it 'fetches the event originator based on id' do
         count.times do
@@ -147,7 +157,7 @@
       end
     end
 
-    context 'with a respository target' do
+    context 'with a repository target' do
       let(:target) do
         {
           'mediaType' => ContainerRegistry::Client::DOCKER_DISTRIBUTION_MANIFEST_V2_TYPE,
@@ -199,13 +209,9 @@
     context 'with a deploy token as the actor' do
       let!(:originator) { create(:deploy_token, username: 'username', id: 3) }
 
-      shared_examples 'no tracking of a deploy token is sent to HLLRedisCounter' do
-        it 'does not send a tracking event to HLLRedisCounter' do
-          expect(DeployToken).not_to receive(:find)
-          expect(DeployToken).not_to receive(:find_by_username)
-          expect(::Gitlab::UsageDataCounters::HLLRedisCounter).not_to receive(:track_event)
-
-          expect { subject }.not_to raise_error
+      shared_examples 'no tracking of a deploy token is sent' do
+        it 'does not send a tracking event' do
+          expect { subject }.not_to trigger_internal_events
         end
       end
 
@@ -218,13 +224,13 @@
           }
         end
 
-        it_behaves_like 'no tracking of a deploy token is sent to HLLRedisCounter'
+        it_behaves_like 'no tracking of a deploy token is sent'
       end
 
       context 'when no username or deploy_token_id is given' do
         let(:raw_event) { { 'action' => 'push', 'target' => {}, 'actor' => { 'user_type' => 'deploy_token' } } }
 
-        it_behaves_like 'no tracking of a deploy token is sent to HLLRedisCounter'
+        it_behaves_like 'no tracking of a deploy token is sent'
       end
 
       context 'when deploy_token_id is given' do
@@ -255,12 +261,19 @@
           { 'tag' => 'latest' }          | 'delete'   | 'delete_tag'         |  1
           { 'repository' => 'foo/bar' }  | 'push'     | 'create_repository'  |  1
           { 'repository' => 'foo/bar' }  | 'delete'   | 'delete_repository'  |  1
-          { 'tag' => 'latest' }          | 'copy'     | ''                   |  0
         end
 
         with_them do
           it_behaves_like 'event originator is fetched based on ID', DeployToken
-          it_behaves_like 'tracking event is sent to HLLRedisCounter with event and originator ID', :deploy_token
+
+          it_behaves_like 'tracking an internal event'
+        end
+
+        context 'when the event is not a valid trackable event' do
+          let(:action) { 'copy' }
+          let(:target) { { 'tag' => 'latest' } }
+
+          it_behaves_like 'no tracking of a deploy token is sent'
         end
 
         context "when there are errors" do
@@ -273,7 +286,7 @@
               allow(File).to receive(:read).with(key_file.path).and_raise(Errno::ENOENT)
             end
 
-            it_behaves_like 'no tracking of a deploy token is sent to HLLRedisCounter'
+            it_behaves_like 'no tracking of a deploy token is sent'
           end
 
           [JWT::VerificationError, JWT::DecodeError, JWT::ExpiredSignature, JWT::ImmatureSignature].each do |error|
@@ -284,7 +297,7 @@
                 .and_raise(error)
               end
 
-              it_behaves_like 'no tracking of a deploy token is sent to HLLRedisCounter'
+              it_behaves_like 'no tracking of a deploy token is sent'
             end
           end
         end