Skip to content

Adding create and delete apis for instance namespace filters

Hitesh Raghuvanshi requested to merge 436613-instance-namespace-apis into master

What does this MR do and why?

As part of consolidation of external audit event streaming destinations in &12339, this MR introduces APIs for creating and deleting namespace_filters for instance level external audit event destinations.

How to set up and validate locally

  1. Make sure you have a GitLab instance with Ultimate license. Also have some groups and projects in the instance.
  2. First create an external audit event destination for the instance by running following mutation in http://gitlab.localdev:3000/-/graphql-explorer.
mutation instanceAuditEventStreamingDestinationsCreate {
  instanceAuditEventStreamingDestinationsCreate(input: {
    name: "testdest7",
    category: "http",
    secretToken: "random_secret_token",
    config: {
      url: "https://www.example.com"
    }
  }) {
    errors
    externalAuditEventDestination {
      id
      name
      config
      category
    }
  }
}
  1. Now create a namespace filter for the destination by running following mutation, here you can pass any group or project that exists in the instance:
mutation auditEventsInstanceDestinationNamespaceFilterCreate {
  auditEventsInstanceDestinationNamespaceFilterCreate(input: {
    destinationId: "gid://gitlab/AuditEvents::Instance::ExternalStreamingDestination/1",
    namespacePath: "<group or project full_path, for example flightjs/Flight>"
  }) {
    errors
    namespaceFilter {
      id
      namespace {
        id
        name
        fullName
      }
    }
  }
}
  1. For deleting the namespace filter you can run following mutation:
mutation auditEventsInstanceDestinationNamespaceFilterDelete {
  auditEventsInstanceDestinationNamespaceFilterDelete(input: {
    namespaceFilterId: "gid://gitlab/AuditEvents::Instance::NamespaceFilter/1"
  }) {
    errors
  }
}
  1. You should not get errors in any of the above mutations.
  2. You can also list down all the streaming destination with their namespace filters by running
query auditEventsInstanceStreamingDestinations {
  auditEventsInstanceStreamingDestinations {
    nodes {
      id
      name
      category
      config
      namespaceFilters {
        id
      }
    }
  }
}

Related to #436613 (closed)

Edited by Hitesh Raghuvanshi

Merge request reports