Retrieve streaming destinations from new API
What does this MR do and why?
This is the first of a series of MRs that will point the frontend of Audit events streaming destinations to the new API.
In this MR we retrieve streaming destinations. The work is under use_consolidated_audit_event_stream_dest_api
FF.
MR cadence:
MR | Description |
---|---|
!183848 (merged) |
|
!185411 (merged) | Delete streaming destinations from new API |
!186450 (merged) (refactoring) | Rename stream destination editor vue component |
!186456 (merged) (refactoring) | Add refactored stream destination editor vue component |
!186457 (merged) | Add ability to create new stream destinations |
!186647 (merged) | Add ability to update stream destinations |
References
- Epic: &12339
- Implementation issues: #442447 (closed) / #524939 (closed)
- FF Rollout issue: #523880 (closed)
- FF Cleanup issue: #523881
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Group
HTTP | GCP | AWS |
---|---|---|
![]() |
![]() |
![]() |
Instance
HTTP | GCP | AWS |
---|---|---|
![]() |
![]() |
![]() |
How to set up and validate locally
- To view
Group
destinations, navigate to Your Group > Secure > Audit Events > Streams tab - To view
Instance
destinations, make sure to login withroot
, and navigate to Admin area > Monitoring > Audit Events > Streams tab - Open GraphQL explorer (
/-/graphql-explorer
) and create 6 stream destinations: HTTP|GCP|AWS * Group|Instance
Group Destinations
HTTP
mutation groupAuditEventStreamingDestinationsCreate {
groupAuditEventStreamingDestinationsCreate(input: {
name: "Testing Destination 1 - HTTP",
category: "http",
groupPath: "<group-path>",
config: {
url: "http://destination1-url"
headers: { key1: { value: "test", active: true } }
}
}) {
errors
externalAuditEventDestination {
id
}
}
}
In the response, grab the destination ID to use in the next mutations:
mutation CreateGroupNamespaceFilter {
auditEventsGroupDestinationNamespaceFilterCreate(
input: {
destinationId: "gid://gitlab/AuditEvents::Group::ExternalStreamingDestination/<id>",
namespacePath: "<group-path>/<subgroup | project>"
}
) {
namespaceFilter {
id
}
errors
}
}
mutation AddEventTypesToGroupDestination {
auditEventsGroupDestinationEventsAdd(
input: {
destinationId: "gid://gitlab/AuditEvents::Group::ExternalStreamingDestination/<id>",
eventTypeFilters: ["add_gpg_key", "user_created"]
}
) {
eventTypeFilters
errors
}
}
GCP
mutation groupAuditEventStreamingDestinationsCreate {
groupAuditEventStreamingDestinationsCreate(input: {
name: "Testing Destination 2 - GCP",
category: "gcp",
groupPath: "<group-path>",
secretToken:"SecretToken12345!",
config: {
googleProjectIdName: "google-project-id-name",
clientEmail: "clientEmail@example.com",
logIdName: "gcp-log-id-name"
}
}) {
errors
externalAuditEventDestination {
id
}
}
}
AWS
mutation groupAuditEventStreamingDestinationsCreate {
groupAuditEventStreamingDestinationsCreate(input: {
name: "Testing Destination 3 - AWS",
category: "aws",
groupPath: "<group-path>",
secretToken:"SecretToken12345!",
config: {
accessKeyXid: "myAwsAccessKey_needs_16_chars_min",
awsRegion: "us-test-1",
bucketName: "bucket-name"
}
}) {
errors
externalAuditEventDestination {
id
}
}
}
Instance Destinations
For these you'll need to open GraphQL explorer (/-/graphql-explorer
) logged in as root
HTTP
mutation instanceAuditEventStreamingDestinationsCreate {
instanceAuditEventStreamingDestinationsCreate(input: {
name: "Testing Destination 1 - HTTP - Instance",
category: "http",
config: {
url: "http://destination1-url.instance"
headers: { key1: { value: "test-instance", active: true } }
}
}) {
errors
externalAuditEventDestination {
id
}
}
}
In the response, grab the destination ID to use in the next mutation:
mutation AddEventTypesToInstanceDestination {
auditEventsInstanceDestinationEventsAdd(
input: {
destinationId: "gid://gitlab/AuditEvents::Instance::ExternalStreamingDestination/<id>",
eventTypeFilters: ["add_gpg_key", "user_created"]
}
) {
eventTypeFilters
errors
}
}
GCP
mutation instanceAuditEventStreamingDestinationsCreate {
instanceAuditEventStreamingDestinationsCreate(input: {
name: "Testing Destination 2 - GCP - Instance",
category: "gcp",
secretToken:"SecretToken12345!",
config: {
googleProjectIdName: "instance-project-id-name",
clientEmail: "instance_client@example.com",
logIdName: "gcp-log-id-name-instance"
}
}) {
errors
externalAuditEventDestination {
id
}
}
}
AWS
mutation instanceAuditEventStreamingDestinationsCreate {
instanceAuditEventStreamingDestinationsCreate(input: {
name: "Testing Destination 3 - AWS",
category: "aws",
secretToken:"SecretToken12345!",
config: {
accessKeyXid: "my_instance_AwsAccessKey_needs_16_chars_min",
awsRegion: "us-test-1",
bucketName: "bucket-name-instance"
}
}) {
errors
externalAuditEventDestination {
id
}
}
}
Edited by Sheldon Led