feat: Restrict llm logger info on group features
What does this MR do and why?
Problem to Solve
The following change provides customers the ability to broadly disable llm.logs
from logged to our system. Now they can opt-out of subgroups or parent groups to aggregate logs.
Why
We are looking to provide more power to users to decide how their logs are handled. We want to make sure that self-managed users can enable logging based on only a need to know basis, instead of default information.
Ref https://gitlab.com/gitlab-org/gitlab/-/issues/463936
Changelog: changed EE: true
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
Before | After |
---|---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
- Go to Gitlab AI-enabled project
- Access the following project with the ID
group = Group.find(<project_id>
- Run the following command to opt-out of project `Feature.opt_out(:expanded_ai_logging, group)
- Make sure all the logs in
llm/llm.log
are debug logs.
Changes
The following changes were made:
- Changed the logger to only log on the info level for groups that have opted in to expanded AI logging.
- Added a new feature flag to control whether or not expanded AI logging is enabled for groups.
- Updated the MR acceptance checklist to include a check for whether or not the MR complies with the expanded AI logging policy.
Potential risks
The following potential risks were identified:
- The change could cause performance issues if the logger is used excessively.
- The change could make it more difficult to debug issues if the logger is not used enough.
- The change could introduce security vulnerabilities if the logger is not properly configured.
Mitigation strategies
The following mitigation strategies were implemented to address the potential risks:
- The logger is only used when the expanded AI logging feature flag is enabled.
- The logger is only used to log information that is not sensitive.
- The logger is configured to only log to a secure location.
This description was generated for revision e0bf366d using AI