E2E test for Instance-level Audit Event Streaming
Summary
Add a new E2E test for Instance-level Audit Event Streaming.
Note that this is a new feature, not the existing group-level audit streaming feature. However, the main differences are in scope of audit events, and where streaming is configured, so a test for one could likely be used as a test for the other, with only minor differences.
Requirements
- We don't have a recommended server for receiving streamed events, so given our use of ClickHouse, it seems like a suitable option.
- Alternatively, we're already using smocker.
- The test won't pass until gitlab-org/gitlab!118513 (merged) is merged, but everything needed to write the test has been merged.
Steps
- Set up a server to receive streamed events.
- Use the graphQL API to configure GitLab to stream to that server (depends on gitlab-org/gitlab#335175 (closed)).
- Perform an action that triggers an instance-level audit event (e.g., add a user).
- Perform an action that triggers an audit event that is only available via streaming (e.g., git clone with authentication).
- Perform an action that triggers a group-level audit event (e.g., create a group).
- Perform an action that triggers a project-level audit event (e.g., create a project).
- Query the streaming server to confirm that all events were received, with the correct verification token (depends on gitlab-org/gitlab!118513 (merged)).
Questions
- Should all audit event types be streamed, or only instance-level events?
- The REST API for instance audit events states that it can't retrieve group or project audit events. Will this graphQL API be the same? But the doc also lists
User, Group, or Projectas valid options for theentity_typeparameter. Confusion betweenentity_typeandtarget_type, or something similar? - The verification of the MR for emitting streamed instance audit events has creating a group as an example audit event.
- The REST API for instance audit events states that it can't retrieve group or project audit events. Will this graphQL API be the same? But the doc also lists
- Do we have tests that verify the scope of each audit event type? E.g., tests that instance events aren't shown wherever only project events should be shown?
Links
Docs (but for existing group-level streaming feature): https://docs.gitlab.com/ee/administration/audit_event_streaming.html (required update noted: gitlab-com/www-gitlab-com!124301 (comment 1384888103))
Epic: gitlab-org&6125 (closed)
Parent epic: gitlab-org&5925 (closed)
Edited by Mark Lapierre