WAF Beyond DotCom
Problem
Cloudflare is a critical service in GitLab's infrastructure for .com. It is the gateway for traffic at the networks edge and provides GitLab with a highly reliable WAF. Other GitLab offerings and services including Dedicated are interested in using Cloudflare as a WAF solution.
As owners of Cloudflare, Foundations is best positioned to create a solution that allows Dedicated and other services to consume Cloudflare. In order to provide such a solution, first we need to be sure Cloudflare is mature and robust enough to require no manual implementation. If we provide it to other teams, it needs to be accessible, auditable, and have logging and monitoring built in.
Here we will increase the maturity level of the Cloudflare service and in parallel, work with Dedicated and other GitLab teams to understand requirements and limitations we to design a self-serve way for other teams to consume Cloudflare. Depending on how quickly that design comes together, we would plan on then building it in the next quarter.
Ref Epic: &1210