Skip to content

Adding query api for instance audit event destination

Hitesh Raghuvanshi requested to merge 335175-external-instance-audit-events-gq-2 into master

What does this MR do and why?

We are adding support for storing instance level external audit event destinations, this MR is one of the MRs for supporting this functionality.

In MR !118363 (merged), we added an API for creation of entries for instance level external audit event destinations. The original MR for adding different APIs became too huge so divided that into smaller MRs. This is the next MR in line. This MR adds a query API for fetching the list of all the instance level external audit event destinations.

Please note following points:

  1. The number of external destinations is limited to 5, so returning all of them and not doing pagination.
  2. This API will only be accessible to instance admins.

GraphQL API

query {
  instanceExternalAuditEventDestinations {
    nodes {
      id
      destinationUrl
      verificationToken
    }
  }
}

Sample Response

{
  "data": {
    "instanceExternalAuditEventDestinations": {
      "nodes": [
        {
          "id": "gid://gitlab/AuditEvents::InstanceExternalAuditEventDestination/18",
          "destinationUrl": "https://example64526.com/",
          "verificationToken": "KbybQUi3x2aqaSpu6MoEbNob"
        },
        {
          "id": "gid://gitlab/AuditEvents::InstanceExternalAuditEventDestination/17",
          "destinationUrl": "https://example56.com/",
          "verificationToken": "oWugKCnHukaPaLCvDjWwzuv8"
        }
      ]
    }
  }
}

How to set up and validate locally

  1. Enable the feature flag ff_external_audit_events from rails console by running Feature.enable(:ff_external_audit_events).
  2. Login as an instance admin in the browser on http://localhost:3000.
  3. Go to http://localhost:3000/-/graphql-explorer.
  4. Create an entry for instance level external audit event destination by running following command in graphql-explorer.
mutation {
  instanceExternalAuditEventDestinationCreate(input: { destinationUrl: "https://www.example.com"}) {
    errors
    instanceExternalAuditEventDestination {
      destinationUrl
      id
      verificationToken
    }
  }
}
  1. Run following graphql query in the graphql-explorer to list all the destinations.
query {
  instanceExternalAuditEventDestinations {
    nodes {
      id
      destinationUrl
      verificationToken
    }
  }
}

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #335175 (closed)

Edited by Hitesh Raghuvanshi

Merge request reports