What does this MR do?
Rack application within Rails to record product analytics events.
The Product Analytics feature itself is built in several steps. You can see the progress here => #225167 (closed)
Related to !27730 (closed).
Why rack application:
- we want as much performance as we can get. No need for controllers with all hooks etc.
- we want it in Rails while feature is in experimental stage. Easy to ship. The future is go collector => https://gitlab.com/gitlab-org/snowplow-go-collector
- its easier to remove later
Details:
- Rack limit: 100 requests per minute per
aid.aidstands for application id and means GitLab project id. - Ignore all requests without application id and event id.
- No authentication (and never will be). Write any event if it's valid. Like snowplow collector.
- Product analytics feature itself is behind a feature flag and disabled by default.
- Deny requests for projects that don't have feature flag enabled (temporary until feature is enabled by default)
- Requests will come from snowplow javascript tracker.
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec -
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team