Enable log_git_streaming_audit_events FF for human actors only

Context

The log_git_streaming_audit_events feature flag was globally enabled but had to be reverted due to high volumes of 404/401 errors. The errors were caused by non-human actors (deploy tokens over HTTP, deploy keys over SSH) that the /internal/shellhorse/git_audit_event endpoint couldn't resolve.

While those fixes are in progress, add a user.human? guard(MR) to GitAuditEvent#enabled? so the feature flag can be safely re-enabled for human actors only

The full fix requires changes across multiple components:

HTTP (deploy tokens): #562516 - Fix authentication parameters for Git streaming audit events HTTP requests
SSH (deploy keys): gitlab-shell#822 - Fix Git streaming audit events for deploy keys

Follow-up

Once the full fixes land in #562516 and gitlab-shell#822, we will remove the user.human? guard and support all identity types.

References

Feature flag issue: #415138
Epic: gitlab-org#20506
Discussion: #415138 (comment 3087380700)

Edited Feb 26, 2026 by 🤖 GitLab Bot 🤖