Update Gitlab::IpRestriction::Enforcerer logging
What does this MR do and why?
Update Gitlab::IpRestriction::Enforcerer logging
If Gitlab::IpRestriction::Enforcerer is applicable and checks the source
IP address, we're logging that operation. Among multiple fields that are
added to logs, we add the allowed and globally_allowed. They,
however, have not the same meaning.
allowed provides the result of IP check against the group defined IP
allowlist. This is a wanted information as it allows to investigate
whether the request IP address was applicable or not for the group
defined allowlist.
globally_allowed field, however, provides also a true/false field, but
showing whther the globally_allowed_ips setting is defined or not.
Which is basically unusable, as it will be true or false for all log
entries on a given GitLab instance and will not allow to investigate
whether the IP address disallowed by the group configuration is allowed
by the global configuration.
This commit changes the behavior of globally_allowed field of the log
line in Gitlab::IpRestriction:Enforcerer to provide an information
that is crucial when investigating the unexpected/wrong behavior of IP
restrictions configuration.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
| Before | After |
|---|---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.