Resolve "Incorrect header validation in audit event streams" (!139749) · Merge requests · GitLab.org / GitLab

Illya Klymov requested to merge 418197-incorrect-header-validation-in-audit-event-streams into master Dec 14, 2023

What does this MR do and why?

Removing valid audit streaming header might make previously invalid row (which had the same name) valid

This MR adds handling of such scenario

Screenshots or screen recordings

Before:

Audit_events___Commit451___GitLab__1_

Deleting row "removes" last letter
After save the header is gone (this is because deleted and added header name clashes

After:

Audit_events___Commit451___GitLab__2_

Removing row correctly removes invalid marker
Header does not disappear

How to set up and validate locally

Open Secure -> Audit events
Create streaming destination
Manipulate headers

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #418197 (closed)

Edited Dec 14, 2023 by Illya Klymov

Resolve "Incorrect header validation in audit event streams"

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports