Add feature flag auditing
Problem to solve
In order to actually use feature flags in production environment flows, it's important to be able to see after the fact who changed a feature flag (and from what -> to what).
Further details
Very much related to being able to control who can change the permissions (https://gitlab.com/gitlab-org/gitlab-ee/issues/8239) is recording in the audit events what flag was changed, how, and by whom. This mainly serves troubleshooting use cases where the behavior in production has changed and recent changes need to be reviewed.
A key user for this feature is our own Delivery team as we look to replace the existing feature flags system we are using with our own feature.
Proposal
-
Record all feature flag changes as an audit events
- Includes how the feature flag was changed and by whom
-
Actions:
- Create flag
- Edit flag
- Delete flag
- Activate flag
- Inactivate flag
- Update name of feature flag from x to z
- Update description of feature flag from x to z
- Add environment rule x
- Edit environment rule x
- Delete environment rule x
- Activate environment rule x
- Inactivate environment rule x
Example of audit log results for a Feature Flag entry:
Author | Action | Target | At |
---|---|---|---|
John Doe | Edit production/* rule from on to off entity path user/project | Feature flag name | 2019-01-22 12:43:20 UTC |
What does success look like, and how can we measure that?
If successful here, this should unlock the ability of our own Delivery team to be able to use our feature flag capability in production for GitLab itself.
Links / references
cc @marin