CI JWT token usage instrumentation with Snowplow (!110422) · Merge requests · GitLab.org / GitLab

Leaminn Ma requested to merge 388837-jwt-token-snowplow-tracking into master Jan 27, 2023

What does this MR do and why?

This MR adds Snowplow instrumentation to track the usage of id_tokens: (JWT token) in the CI pipeline. The goal is to get the count of users and Ultimate namespaces using the feature.

The instrumentation works by tracking the event when a pipeline Build job is created with id_tokens defined. This Snowplow metric is a mirror of the existing Service Ping RedisHLL metric implemented here. (Service Ping key_path: redis_hll_counters.ci_secrets_management.i_ci_secrets_management_id_tokens_build_created_monthly)

How to set up and validate locally

Configure your GDK to run Snowplow Micro.
Go to http://gdk.test:9091/micro/good to observe the events being tracked.
Go to your Project's CI/CD Editor and update the contents with:

job_with_id_tokens:
  id_tokens:
    ID_TOKEN_1:
      aud: https://gitlab.com

  script:
    - echo 'test'

Commit the changes and run the pipeline. Refresh http://gdk.test:9091/micro/good and observe that an event appears with se_ac value create_id_tokens.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #388837 (closed)

Edited Jan 31, 2023 by Leaminn Ma

CI JWT token usage instrumentation with Snowplow

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports