Add new stream only audit event for repo download of public projects
What does this MR do and why?
- Add new stream only audit event for repo download of public projects
- Make the existing
repository_download_operationaudit event only for repository download of non public projects. - For public projects the new
public_repository_download_operationstream only audit event is created.
Note
Since this is a breaking change it needs to be deployed only during the following windows as per this slack message [INTERNAL]
- 2024-04-22 09:00 UTC to 2024-04-24 22:00 UTC
- 2024-04-29 09:00 UTC to 2024-05-01 22:00 UTC
- 2024-05-06 09:00 UTC to 2024-05-08 22:00 UTC
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
| Before | After |
|---|---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
- Ensure you have ultimate license.
- Setup audit event streaming destination (Eg: HTTP) by following the docs. You can use public products like
https://requestcatcher.comfor setting up streaming destination. - Download the source code of public project. (See docs). Ensure that a streaming event is creating with event type
public_repository_download_operationand no new audit event is created in the database. - Now download the source code of a private project and ensure that a streaming event is created with event type
repository_download_operationand a new audit event is also created in the database. You can verify this by going to the group audit events dashboard.
Closes #383218 (closed)
Edited by Huzaifa Iftikhar