Internal event schema for dependency firewall service metrics
What does this MR do and why?
Add dependency firewall internal events (package & container registry)
- Added EE event YAMLs:
- ee/config/events/collect_dependency_firewall_metrics_on_package_upload_to_package_registry.yml
- ee/config/events/collect_dependency_firewall_metrics_on_image_push_to_container_registry.yml
- ee/config/events/collect_dependency_firewall_metrics_on_image_pull_from_container_registry.yml
- ee/config/events/collect_dependency_firewall_metrics_on_package_download_from_package_registry.yml - ee/config/events/collect_dependency_firewall_metrics_on_forwarded_package_download_from_package_registry.yml
What each event records
- Identifiers: project/namespace and user (container pull uses namespace + user).
- Common additional properties:
- label: outcome enum — one of allowed, blocked-license, blocked-vulnerability, blocked-malicious, warn-license, warn-vulnerability, warn-malicious.
- property: auth type or cache status as appropriate (e.g., guest/user/deploy_token for package uploads; 1/0 cache hit/miss for container events).
- value: runtime in milliseconds.
- purl (package file) or image (container events) to identify the artifact.
- Milestone: 18.9.
- Tiers: premium / ultimate (adjust if any event should be EE-only).
References
- https://gitlab.com/groups/gitlab-org/-/work_items/20584+s
- https://gitlab.com/gitlab-org/gitlab/-/work_items/587704+s
- https://gitlab.com/gitlab-org/gitlab/-/work_items/587703+s
- https://gitlab.com/gitlab-org/gitlab/-/work_items/587697+s
- https://gitlab.com/gitlab-org/gitlab/-/work_items/587696+s
- https://gitlab.com/gitlab-org/gitlab/-/work_items/587691+s
Screenshots or screen recordings
| Before | After |
|---|---|
How to set up and validate locally
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.