Adding API for creating instance level audit event filters
What does this MR do and why?
- Creates a graphql mutation for
auditEventsStreamingDestinationInstanceEventsAdd
for creating event type filters for instance level external audit event destinations. - This is quite similar to an existing mutation
auditEventsStreamingDestinationEventsAdd
which is for creating event type filters for group level external audit event destinations. So I have refactored code for mutation and service for reusing the existing code as much as possible.
Graphql mutation
mutation {
auditEventsStreamingDestinationInstanceEventsAdd(
input: {
destinationId: "gid://gitlab/AuditEvents::InstanceExternalAuditEventDestination/24",
eventTypeFilters:["geo"]
}
){
errors
eventTypeFilters
}
}
Query plans
Query for finding destination
Query:
SELECT
"audit_events_instance_external_audit_event_destinations".*
FROM
"audit_events_instance_external_audit_event_destinations"
WHERE
"audit_events_instance_external_audit_event_destinations"."id" = 24
Query plan: https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/19940/commands/65096
Query for checking if filter with same type exists
Query:
SELECT
1 AS one
FROM
"audit_events_streaming_instance_event_type_filters"
WHERE
"audit_events_streaming_instance_event_type_filters"."audit_event_type" = 'filter5'
AND "audit_events_streaming_instance_event_type_filters"."instance_external_audit_event_destination_id" = 24
LIMIT
1
Query plan: https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/19940/commands/65097
Query for inserting record
Query:
INSERT INTO "audit_events_streaming_instance_event_type_filters" (
"created_at", "updated_at", "instance_external_audit_event_destination_id",
"audit_event_type"
)
VALUES
(
'2023-06-28 09:58:45.066360', '2023-06-28 09:58:45.066360',
24, 'filter5'
) RETURNING "id"
Query plan: Can't get query plan for this as this requires entry in external destination on production which does not exist.
How to set up and validate locally
- Enable feature flag by running
::Feature.enable(:ff_external_audit_events)
in rails console. - Login with instance admin credentials on http://127.0.0.1:3000 and then go to graphql explorer http://127.0.0.1:3000/-/graphql-explorer
- Run following mutation for creating a new instance level external audit event destination
mutation {
instanceExternalAuditEventDestinationCreate(input: { destinationUrl: "https://www.example.com"}) {
errors
instanceExternalAuditEventDestination {
destinationUrl
id
}
}
}
- Note the destination id in response and create an event type filter for this destination by running following mutation, you should not receive any errors and this will return all the event filters for the destination.
mutation {
auditEventsStreamingDestinationInstanceEventsAdd(
input: {
destinationId: "gid://gitlab/AuditEvents::InstanceExternalAuditEventDestination/<id>",
eventTypeFilters:["filter1", "filter2"]
}
){
errors
eventTypeFilters
}
}
- Output of step 4 will be something like:
{
"data": {
"auditEventsStreamingDestinationInstanceEventsAdd": {
"errors": [],
"eventTypeFilters": [
"filter1",
"filter2"
]
}
}
}
- You can also verify it from rails console by running
AuditEvents::InstanceExternalAuditEventDestination.last.event_type_filters
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #415768 (closed)
Edited by Hitesh Raghuvanshi