Update and destroy apis for instance external audit event destinations
What does this MR do and why?
We are adding support for storing instance level external audit event destinations, this MR is one of the MRs for supporting this functionality.
In MRs !118363 (merged) and !119602 (merged), we added a APIs for creation and listing of entries for instance level external audit event destinations. The original MR for adding different APIs became too huge so divided that into smaller MRs. This is the next MR in line. This MR adds update and destroy APIs for updating and destroying the instance level external audit event destinations.
Note: These APIs are only accessible to instance admins only and are behind a feature flag ff_external_audit_events
.
GraphQL APIs
1. Update external destination
mutation {
instanceExternalAuditEventDestinationUpdate(input: { id: "gid://gitlab/AuditEvents::InstanceExternalAuditEventDestination/18",destinationUrl: "https://www.examplenew.com"}) {
errors
instanceExternalAuditEventDestination {
destinationUrl
id
}
}
}
2. Destroy a destination
mutation {
instanceExternalAuditEventDestinationDestroy(input: { id: "gid://gitlab/AuditEvents::InstanceExternalAuditEventDestination/17"}) {
errors
}
}
Query plans
Note: On production, the table audit_events_instance_external_audit_event_destinations
is empty. There is a limit of at max 5 rows enforced for this table via model here, which means the queries will not be resource intensive.
Queries in Update API
Find destination
https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/18335/commands/60806
Query
SELECT
"audit_events_instance_external_audit_event_destinations".*
FROM
"audit_events_instance_external_audit_event_destinations"
WHERE
"audit_events_instance_external_audit_event_destinations"."id" = 1
Before update check if no other destination has same url
https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/18335/commands/60807
Click to expand
SELECT
1 AS one
FROM
"audit_events_instance_external_audit_event_destinations"
WHERE
"audit_events_instance_external_audit_event_destinations"."destination_url" = 'https://example.com/test'
AND "audit_events_instance_external_audit_event_destinations"."id" != 2
LIMIT
1
Update destination
https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/18335/commands/60811
Click to expand
UPDATE
"audit_events_instance_external_audit_event_destinations"
SET
"updated_at" = '2023-05-08 11:36:57.163742',
"destination_url" = 'https://example.com/test'
WHERE
"audit_events_instance_external_audit_event_destinations"."id" = 2
Delete API queries
Find destination
Same as that of update query
Delete destination
https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/18335/commands/60813
Click to expand
DELETE FROM
"audit_events_instance_external_audit_event_destinations"
WHERE
"audit_events_instance_external_audit_event_destinations"."id" = 3
How to set up and validate locally
- Enable the feature flag
ff_external_audit_events
from rails console by runningFeature.enable(:ff_external_audit_events)
. - Login as an instance admin in the browser on http://localhost:3000.
- Open http://localhost:3000/-/graphql-explorer for testing out the APIs.
- Create an entry for instance level external audit event destination by running following command in graphql-explorer.
mutation {
instanceExternalAuditEventDestinationCreate(input: { destinationUrl: "https://www.example.com"}) {
errors
instanceExternalAuditEventDestination {
destinationUrl
id
verificationToken
}
}
}
- Run following graphql query in the graphql-explorer to list all the destinations.
query {
instanceExternalAuditEventDestinations {
nodes {
id
destinationUrl
verificationToken
}
}
}
- Run following graphql mutation in the graphql-explorer to update any destination.
mutation {
instanceExternalAuditEventDestinationUpdate(input: { id: "<gid://gitlab/AuditEvents::InstanceExternalAuditEventDestination/x>",destinationUrl: "https://www.example200.com"}) {
errors
instanceExternalAuditEventDestination {
destinationUrl
id
}
}
}
- Run following graphql mutation in the graphql-explorer to delete destination.
mutation {
instanceExternalAuditEventDestinationDestroy(input: { id: "gid://gitlab/AuditEvents::InstanceExternalAuditEventDestination/x"}) {
errors
}
}
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #335175 (closed)