From d203dc9707622436c01367f35615768a99d1c139 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20C=CC=8Cavoj?= <mcavoj@gitlab.com>
Date: Tue, 15 Aug 2023 15:40:28 +0200
Subject: [PATCH] Add metrics for Vulnerability Management actions
Changelog: added
EE: true
---
.../concerns/govern_usage_tracking.rb | 3 +-
.../ee/projects/pipelines_controller.rb | 4 +++
.../groups/security/dashboard_controller.rb | 3 ++
.../security/vulnerabilities_controller.rb | 3 ++
.../projects/security/dashboard_controller.rb | 2 ++
.../security/vulnerabilities_controller.rb | 2 ++
.../vulnerability_report_controller.rb | 3 ++
.../security/vulnerabilities_controller.rb | 13 ++++++++
...37_users_visiting_govern_pages_monthly.yml | 4 +++
...vulnerability_management_pages_monthly.yml | 29 +++++++++++++++++
...visiting_threat_insights_pages_monthly.yml | 31 +++++++++++++++++++
..._security_vulnerability_report_monthly.yml | 22 +++++++++++++
...rs_visiting_security_dashboard_monthly.yml | 22 +++++++++++++
...iting_security_vulnerabilities_monthly.yml | 22 +++++++++++++
...ers_visiting_pipeline_security_monthly.yml | 22 +++++++++++++
...736_users_visiting_govern_pages_weekly.yml | 4 +++
..._vulnerability_management_pages_weekly.yml | 29 +++++++++++++++++
..._visiting_threat_insights_pages_weekly.yml | 31 +++++++++++++++++++
...g_security_vulnerability_report_weekly.yml | 22 +++++++++++++
...ers_visiting_security_dashboard_weekly.yml | 22 +++++++++++++
...siting_security_vulnerabilities_weekly.yml | 22 +++++++++++++
...sers_visiting_pipeline_security_weekly.yml | 22 +++++++++++++
.../security/dashboard_controller_spec.rb | 12 +++++++
.../vulnerabilities_controller_spec.rb | 12 +++++++
.../projects/pipelines_controller_spec.rb | 16 ++++++----
.../security/dashboard_controller_spec.rb | 4 +++
.../vulnerabilities_controller_spec.rb | 12 +++++++
.../vulnerability_report_controller_spec.rb | 10 +++++-
.../vulnerabilities_controller_spec.rb | 8 +++++
29 files changed, 403 insertions(+), 8 deletions(-)
create mode 100644 ee/config/metrics/counts_28d/20230815130614_users_visiting_vulnerability_management_pages_monthly.yml
create mode 100644 ee/config/metrics/counts_28d/20230815131251_users_visiting_threat_insights_pages_monthly.yml
create mode 100644 ee/config/metrics/counts_28d/20230816131559_users_visiting_security_vulnerability_report_monthly.yml
create mode 100644 ee/config/metrics/counts_28d/20230816131802_users_visiting_security_dashboard_monthly.yml
create mode 100644 ee/config/metrics/counts_28d/20230816132116_users_visiting_security_vulnerabilities_monthly.yml
create mode 100644 ee/config/metrics/counts_28d/20230816132227_users_visiting_pipeline_security_monthly.yml
create mode 100644 ee/config/metrics/counts_7d/20230815130614_users_visiting_vulnerability_management_pages_weekly.yml
create mode 100644 ee/config/metrics/counts_7d/20230815131251_users_visiting_threat_insights_pages_weekly.yml
create mode 100644 ee/config/metrics/counts_7d/20230816131559_users_visiting_security_vulnerability_report_weekly.yml
create mode 100644 ee/config/metrics/counts_7d/20230816131802_users_visiting_security_dashboard_weekly.yml
create mode 100644 ee/config/metrics/counts_7d/20230816132116_users_visiting_security_vulnerabilities_weekly.yml
create mode 100644 ee/config/metrics/counts_7d/20230816132227_users_visiting_pipeline_security_weekly.yml
diff --git a/ee/app/controllers/concerns/govern_usage_tracking.rb b/ee/app/controllers/concerns/govern_usage_tracking.rb
index 2c828cd9e1469..4686764d1a7e0 100644
--- a/ee/app/controllers/concerns/govern_usage_tracking.rb
+++ b/ee/app/controllers/concerns/govern_usage_tracking.rb
@@ -5,11 +5,12 @@ module GovernUsageTracking
extend ActiveSupport::Concern
included do
- def self.track_govern_activity(page_name, *controller_actions)
+ def self.track_govern_activity(page_name, *controller_actions, conditions: nil)
track_event(*controller_actions,
name: "users_visiting_#{page_name}",
action: 'user_perform_visit',
label: "redis_hll_counters.govern.users_visiting_#{page_name}_monthly",
+ conditions: conditions,
destinations: %i[redis_hll snowplow]) { |context| context.current_user&.id }
end
end
diff --git a/ee/app/controllers/ee/projects/pipelines_controller.rb b/ee/app/controllers/ee/projects/pipelines_controller.rb
index 37ca87d57c3e8..7122f10bb4437 100644
--- a/ee/app/controllers/ee/projects/pipelines_controller.rb
+++ b/ee/app/controllers/ee/projects/pipelines_controller.rb
@@ -7,6 +7,8 @@ module PipelinesController
extend ::Gitlab::Utils::Override
prepended do
+ include GovernUsageProjectTracking
+
before_action :authorize_read_licenses!, only: [:licenses]
before_action do
push_frontend_feature_flag(:pipeline_security_dashboard_graphql, project, type: :development)
@@ -20,6 +22,8 @@ module PipelinesController
feature_category :code_quality, [:codequality_report]
urgency :low, [:codequality_report, :licenses, :security]
+ track_govern_activity 'pipeline_security', :security,
+ conditions: -> { pipeline.expose_security_dashboard? }
end
def security
diff --git a/ee/app/controllers/groups/security/dashboard_controller.rb b/ee/app/controllers/groups/security/dashboard_controller.rb
index f3d172ef88c2d..e3666d493a68a 100644
--- a/ee/app/controllers/groups/security/dashboard_controller.rb
+++ b/ee/app/controllers/groups/security/dashboard_controller.rb
@@ -1,9 +1,12 @@
# frozen_string_literal: true
class Groups::Security::DashboardController < Groups::ApplicationController
+ include GovernUsageGroupTracking
+
layout 'group'
feature_category :vulnerability_management
urgency :low
+ track_govern_activity 'security_dashboard', :show, conditions: :dashboard_available?
def show
render :unavailable unless dashboard_available?
diff --git a/ee/app/controllers/groups/security/vulnerabilities_controller.rb b/ee/app/controllers/groups/security/vulnerabilities_controller.rb
index 2197043234822..d0c2937447726 100644
--- a/ee/app/controllers/groups/security/vulnerabilities_controller.rb
+++ b/ee/app/controllers/groups/security/vulnerabilities_controller.rb
@@ -3,6 +3,8 @@
module Groups
module Security
class VulnerabilitiesController < Groups::ApplicationController
+ include GovernUsageGroupTracking
+
layout 'group'
before_action do
@@ -11,6 +13,7 @@ class VulnerabilitiesController < Groups::ApplicationController
feature_category :vulnerability_management
urgency :low
+ track_govern_activity 'security_vulnerabilities', :index, conditions: :dashboard_available?
def index
render :unavailable unless dashboard_available?
diff --git a/ee/app/controllers/projects/security/dashboard_controller.rb b/ee/app/controllers/projects/security/dashboard_controller.rb
index 75740b005d605..0ee233b9d2ced 100644
--- a/ee/app/controllers/projects/security/dashboard_controller.rb
+++ b/ee/app/controllers/projects/security/dashboard_controller.rb
@@ -5,6 +5,7 @@ module Security
class DashboardController < Projects::ApplicationController
include SecurityAndCompliancePermissions
include SecurityDashboardsPermissions
+ include GovernUsageProjectTracking
alias_method :vulnerable, :project
@@ -14,6 +15,7 @@ class DashboardController < Projects::ApplicationController
feature_category :vulnerability_management
urgency :low
+ track_govern_activity 'security_dashboard', :index
end
end
end
diff --git a/ee/app/controllers/projects/security/vulnerabilities_controller.rb b/ee/app/controllers/projects/security/vulnerabilities_controller.rb
index a54ea4456b47a..ecd7e81088f91 100644
--- a/ee/app/controllers/projects/security/vulnerabilities_controller.rb
+++ b/ee/app/controllers/projects/security/vulnerabilities_controller.rb
@@ -4,6 +4,7 @@ module Projects
module Security
class VulnerabilitiesController < Projects::ApplicationController
include IssuableActions
+ include GovernUsageProjectTracking
before_action do
push_frontend_feature_flag(:create_vulnerability_jira_issue_via_graphql, @project)
@@ -18,6 +19,7 @@ class VulnerabilitiesController < Projects::ApplicationController
feature_category :vulnerability_management
urgency :low
+ track_govern_activity 'security_vulnerabilities', :show
def show
push_force_frontend_feature_flag(
diff --git a/ee/app/controllers/projects/security/vulnerability_report_controller.rb b/ee/app/controllers/projects/security/vulnerability_report_controller.rb
index a4ca9b1f15a15..41f90814a72c6 100644
--- a/ee/app/controllers/projects/security/vulnerability_report_controller.rb
+++ b/ee/app/controllers/projects/security/vulnerability_report_controller.rb
@@ -3,6 +3,8 @@
module Projects
module Security
class VulnerabilityReportController < Projects::ApplicationController
+ include GovernUsageProjectTracking
+
before_action do
authorize_read_vulnerability!
push_frontend_feature_flag(:expose_dismissal_reason, @project)
@@ -10,6 +12,7 @@ class VulnerabilityReportController < Projects::ApplicationController
feature_category :vulnerability_management
urgency :low
+ track_govern_activity 'security_vulnerability_report', :index
alias_method :vulnerable, :project
end
diff --git a/ee/app/controllers/security/vulnerabilities_controller.rb b/ee/app/controllers/security/vulnerabilities_controller.rb
index 0e77e1bdb2d1d..ead229ee7c0db 100644
--- a/ee/app/controllers/security/vulnerabilities_controller.rb
+++ b/ee/app/controllers/security/vulnerabilities_controller.rb
@@ -3,9 +3,22 @@
module Security
class VulnerabilitiesController < ::Security::ApplicationController
layout 'instance_security'
+ include GovernUsageTracking
before_action do
push_frontend_feature_flag(:expose_dismissal_reason, @project)
end
+
+ track_govern_activity 'security_vulnerabilities', :index
+
+ private
+
+ def tracking_namespace_source
+ nil
+ end
+
+ def tracking_project_source
+ nil
+ end
end
end
diff --git a/ee/config/metrics/counts_28d/20230807111737_users_visiting_govern_pages_monthly.yml b/ee/config/metrics/counts_28d/20230807111737_users_visiting_govern_pages_monthly.yml
index 2ed925e63defe..348567871c104 100644
--- a/ee/config/metrics/counts_28d/20230807111737_users_visiting_govern_pages_monthly.yml
+++ b/ee/config/metrics/counts_28d/20230807111737_users_visiting_govern_pages_monthly.yml
@@ -22,6 +22,10 @@ options:
- users_creating_merge_requests_with_security_policies
- users_visiting_dependencies
- users_visiting_licenses
+ - users_visiting_security_vulnerability_report
+ - users_visiting_security_dashboard
+ - users_visiting_security_vulnerabilities
+ - users_visiting_pipeline_security
performance_indicator_type:
- smau
distribution:
diff --git a/ee/config/metrics/counts_28d/20230815130614_users_visiting_vulnerability_management_pages_monthly.yml b/ee/config/metrics/counts_28d/20230815130614_users_visiting_vulnerability_management_pages_monthly.yml
new file mode 100644
index 0000000000000..fd681a681432d
--- /dev/null
+++ b/ee/config/metrics/counts_28d/20230815130614_users_visiting_vulnerability_management_pages_monthly.yml
@@ -0,0 +1,29 @@
+---
+key_path: redis_hll_counters.govern.users_visiting_vulnerability_management_pages_monthly
+description: Unique count of vulnerability management actions in a given month
+product_section: sec
+product_stage: govern
+product_group: threat_insights
+value_type: number
+status: active
+milestone: "16.3"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129482
+time_frame: 28d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: AggregatedMetric
+options:
+ aggregate:
+ operator: OR
+ attribute: user_id
+ events:
+ - users_visiting_security_vulnerability_report
+ - users_visiting_security_dashboard
+ - users_visiting_security_vulnerabilities
+ - users_visiting_pipeline_security
+ - i_code_review_merge_request_widget_security_reports_expand
+performance_indicator_type: []
+distribution:
+- ee
+tier:
+- ultimate
diff --git a/ee/config/metrics/counts_28d/20230815131251_users_visiting_threat_insights_pages_monthly.yml b/ee/config/metrics/counts_28d/20230815131251_users_visiting_threat_insights_pages_monthly.yml
new file mode 100644
index 0000000000000..2afe92c6de940
--- /dev/null
+++ b/ee/config/metrics/counts_28d/20230815131251_users_visiting_threat_insights_pages_monthly.yml
@@ -0,0 +1,31 @@
+---
+key_path: redis_hll_counters.govern.users_visiting_threat_insights_pages_monthly
+description: Unique count of threat insights actions in a given month
+product_section: sec
+product_stage: govern
+product_group: threat_insights
+value_type: number
+status: active
+milestone: "16.3"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129482
+time_frame: 28d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: AggregatedMetric
+options:
+ aggregate:
+ operator: OR
+ attribute: user_id
+ events:
+ - users_visiting_security_vulnerability_report
+ - users_visiting_security_dashboard
+ - users_visiting_security_vulnerabilities
+ - users_visiting_pipeline_security
+ - users_visiting_dependencies
+ - users_visiting_licenses
+ - i_code_review_merge_request_widget_security_reports_expand
+performance_indicator_type: []
+distribution:
+- ee
+tier:
+- ultimate
diff --git a/ee/config/metrics/counts_28d/20230816131559_users_visiting_security_vulnerability_report_monthly.yml b/ee/config/metrics/counts_28d/20230816131559_users_visiting_security_vulnerability_report_monthly.yml
new file mode 100644
index 0000000000000..a1e7ce1384db9
--- /dev/null
+++ b/ee/config/metrics/counts_28d/20230816131559_users_visiting_security_vulnerability_report_monthly.yml
@@ -0,0 +1,22 @@
+---
+key_path: redis_hll_counters.govern.users_visiting_security_vulnerability_report_monthly
+description: Unique count of users visiting security vulnerability report in a given month
+product_section: sec
+product_stage: govern
+product_group: threat_insights
+value_type: number
+status: active
+milestone: "16.3"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129482
+time_frame: 28d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: RedisHLLMetric
+performance_indicator_type: []
+distribution:
+ - ee
+tier:
+ - ultimate
+options:
+ events:
+ - users_visiting_security_vulnerability_report
diff --git a/ee/config/metrics/counts_28d/20230816131802_users_visiting_security_dashboard_monthly.yml b/ee/config/metrics/counts_28d/20230816131802_users_visiting_security_dashboard_monthly.yml
new file mode 100644
index 0000000000000..6043681089e40
--- /dev/null
+++ b/ee/config/metrics/counts_28d/20230816131802_users_visiting_security_dashboard_monthly.yml
@@ -0,0 +1,22 @@
+---
+key_path: redis_hll_counters.govern.users_visiting_security_dashboard_monthly
+description: Unique count of users visiting security dashboard in a given month
+product_section: sec
+product_stage: govern
+product_group: threat_insights
+value_type: number
+status: active
+milestone: "16.3"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129482
+time_frame: 28d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: RedisHLLMetric
+performance_indicator_type: []
+distribution:
+ - ee
+tier:
+ - ultimate
+options:
+ events:
+ - users_visiting_security_dashboard
diff --git a/ee/config/metrics/counts_28d/20230816132116_users_visiting_security_vulnerabilities_monthly.yml b/ee/config/metrics/counts_28d/20230816132116_users_visiting_security_vulnerabilities_monthly.yml
new file mode 100644
index 0000000000000..f76e776900912
--- /dev/null
+++ b/ee/config/metrics/counts_28d/20230816132116_users_visiting_security_vulnerabilities_monthly.yml
@@ -0,0 +1,22 @@
+---
+key_path: redis_hll_counters.govern.users_visiting_security_vulnerabilities_monthly
+description: Unique count of users visiting security vulnerabilities in a given month
+product_section: sec
+product_stage: govern
+product_group: threat_insights
+value_type: number
+status: active
+milestone: "16.3"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129482
+time_frame: 28d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: RedisHLLMetric
+performance_indicator_type: []
+distribution:
+ - ee
+tier:
+ - ultimate
+options:
+ events:
+ - users_visiting_security_vulnerabilities
diff --git a/ee/config/metrics/counts_28d/20230816132227_users_visiting_pipeline_security_monthly.yml b/ee/config/metrics/counts_28d/20230816132227_users_visiting_pipeline_security_monthly.yml
new file mode 100644
index 0000000000000..9d2927bf3e267
--- /dev/null
+++ b/ee/config/metrics/counts_28d/20230816132227_users_visiting_pipeline_security_monthly.yml
@@ -0,0 +1,22 @@
+---
+key_path: redis_hll_counters.govern.users_visiting_pipeline_security_monthly
+description: Unique count of users visiting pipeline security in a given month
+product_section: sec
+product_stage: govern
+product_group: threat_insights
+value_type: number
+status: active
+milestone: "16.3"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129482
+time_frame: 28d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: RedisHLLMetric
+performance_indicator_type: []
+distribution:
+ - ee
+tier:
+ - ultimate
+options:
+ events:
+ - users_visiting_pipeline_security
diff --git a/ee/config/metrics/counts_7d/20230807111736_users_visiting_govern_pages_weekly.yml b/ee/config/metrics/counts_7d/20230807111736_users_visiting_govern_pages_weekly.yml
index e2e5875804752..e65f71956aad5 100644
--- a/ee/config/metrics/counts_7d/20230807111736_users_visiting_govern_pages_weekly.yml
+++ b/ee/config/metrics/counts_7d/20230807111736_users_visiting_govern_pages_weekly.yml
@@ -22,6 +22,10 @@ options:
- users_creating_merge_requests_with_security_policies
- users_visiting_dependencies
- users_visiting_licenses
+ - users_visiting_security_vulnerability_report
+ - users_visiting_security_dashboard
+ - users_visiting_security_vulnerabilities
+ - users_visiting_pipeline_security
performance_indicator_type:
- smau
distribution:
diff --git a/ee/config/metrics/counts_7d/20230815130614_users_visiting_vulnerability_management_pages_weekly.yml b/ee/config/metrics/counts_7d/20230815130614_users_visiting_vulnerability_management_pages_weekly.yml
new file mode 100644
index 0000000000000..664e2842a4bf7
--- /dev/null
+++ b/ee/config/metrics/counts_7d/20230815130614_users_visiting_vulnerability_management_pages_weekly.yml
@@ -0,0 +1,29 @@
+---
+key_path: redis_hll_counters.govern.users_visiting_vulnerability_management_pages_weekly
+description: Unique count of vulnerability management actions in a given week
+product_section: sec
+product_stage: govern
+product_group: threat_insights
+value_type: number
+status: active
+milestone: "16.3"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129482
+time_frame: 7d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: AggregatedMetric
+options:
+ aggregate:
+ operator: OR
+ attribute: user_id
+ events:
+ - users_visiting_security_vulnerability_report
+ - users_visiting_security_dashboard
+ - users_visiting_security_vulnerabilities
+ - users_visiting_pipeline_security
+ - i_code_review_merge_request_widget_security_reports_expand
+performance_indicator_type: []
+distribution:
+- ee
+tier:
+- ultimate
diff --git a/ee/config/metrics/counts_7d/20230815131251_users_visiting_threat_insights_pages_weekly.yml b/ee/config/metrics/counts_7d/20230815131251_users_visiting_threat_insights_pages_weekly.yml
new file mode 100644
index 0000000000000..a8d61a13345f7
--- /dev/null
+++ b/ee/config/metrics/counts_7d/20230815131251_users_visiting_threat_insights_pages_weekly.yml
@@ -0,0 +1,31 @@
+---
+key_path: redis_hll_counters.govern.users_visiting_threat_insights_pages_weekly
+description: Unique count of threat insights actions in a given week
+product_section: sec
+product_stage: govern
+product_group: threat_insights
+value_type: number
+status: active
+milestone: "16.3"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129482
+time_frame: 7d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: AggregatedMetric
+options:
+ aggregate:
+ operator: OR
+ attribute: user_id
+ events:
+ - users_visiting_security_vulnerability_report
+ - users_visiting_security_dashboard
+ - users_visiting_security_vulnerabilities
+ - users_visiting_pipeline_security
+ - users_visiting_dependencies
+ - users_visiting_licenses
+ - i_code_review_merge_request_widget_security_reports_expand
+performance_indicator_type: []
+distribution:
+- ee
+tier:
+- ultimate
diff --git a/ee/config/metrics/counts_7d/20230816131559_users_visiting_security_vulnerability_report_weekly.yml b/ee/config/metrics/counts_7d/20230816131559_users_visiting_security_vulnerability_report_weekly.yml
new file mode 100644
index 0000000000000..be11fcba1dcf1
--- /dev/null
+++ b/ee/config/metrics/counts_7d/20230816131559_users_visiting_security_vulnerability_report_weekly.yml
@@ -0,0 +1,22 @@
+---
+key_path: redis_hll_counters.govern.users_visiting_security_vulnerability_report_weekly
+description: Unique count of users visiting security vulnerability report in a given week
+product_section: sec
+product_stage: govern
+product_group: threat_insights
+value_type: number
+status: active
+milestone: "16.3"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129482
+time_frame: 7d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: RedisHLLMetric
+performance_indicator_type: []
+distribution:
+ - ee
+tier:
+ - ultimate
+options:
+ events:
+ - users_visiting_security_vulnerability_report
diff --git a/ee/config/metrics/counts_7d/20230816131802_users_visiting_security_dashboard_weekly.yml b/ee/config/metrics/counts_7d/20230816131802_users_visiting_security_dashboard_weekly.yml
new file mode 100644
index 0000000000000..b35ad09155ac9
--- /dev/null
+++ b/ee/config/metrics/counts_7d/20230816131802_users_visiting_security_dashboard_weekly.yml
@@ -0,0 +1,22 @@
+---
+key_path: redis_hll_counters.govern.users_visiting_security_dashboard_weekly
+description: Unique count of users visiting security dashboard in a given week
+product_section: sec
+product_stage: govern
+product_group: threat_insights
+value_type: number
+status: active
+milestone: "16.3"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129482
+time_frame: 7d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: RedisHLLMetric
+performance_indicator_type: []
+distribution:
+ - ee
+tier:
+ - ultimate
+options:
+ events:
+ - users_visiting_security_dashboard
diff --git a/ee/config/metrics/counts_7d/20230816132116_users_visiting_security_vulnerabilities_weekly.yml b/ee/config/metrics/counts_7d/20230816132116_users_visiting_security_vulnerabilities_weekly.yml
new file mode 100644
index 0000000000000..e19ddb5a13880
--- /dev/null
+++ b/ee/config/metrics/counts_7d/20230816132116_users_visiting_security_vulnerabilities_weekly.yml
@@ -0,0 +1,22 @@
+---
+key_path: redis_hll_counters.govern.users_visiting_security_vulnerabilities_weekly
+description: Unique count of users visiting security vulnerabilities in a given week
+product_section: sec
+product_stage: govern
+product_group: threat_insights
+value_type: number
+status: active
+milestone: "16.3"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129482
+time_frame: 7d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: RedisHLLMetric
+performance_indicator_type: []
+distribution:
+ - ee
+tier:
+ - ultimate
+options:
+ events:
+ - users_visiting_security_vulnerabilities
diff --git a/ee/config/metrics/counts_7d/20230816132227_users_visiting_pipeline_security_weekly.yml b/ee/config/metrics/counts_7d/20230816132227_users_visiting_pipeline_security_weekly.yml
new file mode 100644
index 0000000000000..a210afba23ab0
--- /dev/null
+++ b/ee/config/metrics/counts_7d/20230816132227_users_visiting_pipeline_security_weekly.yml
@@ -0,0 +1,22 @@
+---
+key_path: redis_hll_counters.govern.users_visiting_pipeline_security_weekly
+description: Unique count of users visiting pipeline security in a given week
+product_section: sec
+product_stage: govern
+product_group: threat_insights
+value_type: number
+status: active
+milestone: "16.3"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129482
+time_frame: 7d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: RedisHLLMetric
+performance_indicator_type: []
+distribution:
+ - ee
+tier:
+ - ultimate
+options:
+ events:
+ - users_visiting_pipeline_security
diff --git a/ee/spec/controllers/groups/security/dashboard_controller_spec.rb b/ee/spec/controllers/groups/security/dashboard_controller_spec.rb
index d2e6cdbdf7eff..691fd1bc4cd1b 100644
--- a/ee/spec/controllers/groups/security/dashboard_controller_spec.rb
+++ b/ee/spec/controllers/groups/security/dashboard_controller_spec.rb
@@ -25,17 +25,29 @@
it { is_expected.to have_gitlab_http_status(:ok) }
it { is_expected.to render_template(:show) }
+
+ it_behaves_like 'tracks govern usage event', 'users_visiting_security_dashboard' do
+ let(:request) { subject }
+ end
end
context 'when user is not allowed to access group security dashboard' do
it { is_expected.to have_gitlab_http_status(:ok) }
it { is_expected.to render_template(:unavailable) }
+
+ it_behaves_like "doesn't track govern usage event", 'users_visiting_security_dashboard' do
+ let(:request) { subject }
+ end
end
end
context 'when security dashboard feature is disabled' do
it { is_expected.to have_gitlab_http_status(:ok) }
it { is_expected.to render_template(:unavailable) }
+
+ it_behaves_like "doesn't track govern usage event", 'users_visiting_security_dashboard' do
+ let(:request) { subject }
+ end
end
end
end
diff --git a/ee/spec/controllers/groups/security/vulnerabilities_controller_spec.rb b/ee/spec/controllers/groups/security/vulnerabilities_controller_spec.rb
index 02787272777db..0d4c8e8917bb2 100644
--- a/ee/spec/controllers/groups/security/vulnerabilities_controller_spec.rb
+++ b/ee/spec/controllers/groups/security/vulnerabilities_controller_spec.rb
@@ -24,17 +24,29 @@
end
it { is_expected.to have_gitlab_http_status(:ok) }
+
+ it_behaves_like 'tracks govern usage event', 'users_visiting_security_vulnerabilities' do
+ let(:request) { subject }
+ end
end
context 'when user is not allowed to access group security vulnerabilities' do
it { is_expected.to have_gitlab_http_status(:ok) }
it { is_expected.to render_template(:unavailable) }
+
+ it_behaves_like "doesn't track govern usage event", 'users_visiting_security_vulnerabilities' do
+ let(:request) { subject }
+ end
end
end
context 'when security dashboard feature is disabled' do
it { is_expected.to have_gitlab_http_status(:ok) }
it { is_expected.to render_template(:unavailable) }
+
+ it_behaves_like "doesn't track govern usage event", 'users_visiting_security_vulnerabilities' do
+ let(:request) { subject }
+ end
end
end
end
diff --git a/ee/spec/controllers/projects/pipelines_controller_spec.rb b/ee/spec/controllers/projects/pipelines_controller_spec.rb
index acc036bb234f7..0d4b292407580 100644
--- a/ee/spec/controllers/projects/pipelines_controller_spec.rb
+++ b/ee/spec/controllers/projects/pipelines_controller_spec.rb
@@ -16,6 +16,8 @@
describe 'GET security', feature_category: :vulnerability_management do
context 'with a sast artifact' do
+ let(:request) { get :security, params: { namespace_id: project.namespace, project_id: project, id: pipeline } }
+
before do
create(:ee_ci_build, :sast, pipeline: pipeline)
end
@@ -23,24 +25,26 @@
context 'with feature enabled' do
before do
stub_licensed_features(sast: true, security_dashboard: true)
-
- get :security, params: { namespace_id: project.namespace, project_id: project, id: pipeline }
end
it 'responds with a 200 and show the template' do
+ request
+
expect(response).to have_gitlab_http_status(:ok)
expect(response).to render_template :show
end
+
+ it_behaves_like 'tracks govern usage event', 'users_visiting_pipeline_security'
end
context 'with feature disabled' do
- before do
- get :security, params: { namespace_id: project.namespace, project_id: project, id: pipeline }
- end
-
it 'redirects to the pipeline page' do
+ request
+
expect(response).to redirect_to(pipeline_path(pipeline))
end
+
+ it_behaves_like "doesn't track govern usage event", 'users_visiting_pipeline_security'
end
end
diff --git a/ee/spec/controllers/projects/security/dashboard_controller_spec.rb b/ee/spec/controllers/projects/security/dashboard_controller_spec.rb
index 0c0f63352fc0e..d7424ca1c9067 100644
--- a/ee/spec/controllers/projects/security/dashboard_controller_spec.rb
+++ b/ee/spec/controllers/projects/security/dashboard_controller_spec.rb
@@ -61,5 +61,9 @@ def show_security_dashboard(current_user = user)
expect(response.body).to have_css('div#js-project-security-dashboard[data-has-vulnerabilities="true"]')
end
end
+
+ it_behaves_like 'tracks govern usage event', 'users_visiting_security_dashboard' do
+ let(:request) { show_security_dashboard }
+ end
end
end
diff --git a/ee/spec/controllers/projects/security/vulnerabilities_controller_spec.rb b/ee/spec/controllers/projects/security/vulnerabilities_controller_spec.rb
index 83db5ffd9d0a4..4bd21d59811f7 100644
--- a/ee/spec/controllers/projects/security/vulnerabilities_controller_spec.rb
+++ b/ee/spec/controllers/projects/security/vulnerabilities_controller_spec.rb
@@ -21,6 +21,10 @@
end
it { is_expected.to have_gitlab_http_status(:not_found) }
+
+ it_behaves_like "doesn't track govern usage event", 'users_visiting_security_vulnerabilities' do
+ let(:request) { subject }
+ end
end
describe 'GET #new' do
@@ -81,6 +85,10 @@
expect(response.body).to have_css("#js-vulnerability-main")
end
+
+ it_behaves_like 'tracks govern usage event', 'users_visiting_security_vulnerabilities' do
+ let(:request) { show_vulnerability }
+ end
end
context "when there's no attached pipeline" do
@@ -93,6 +101,10 @@
expect(response).to render_template(:show)
expect(response.body).to have_text(vulnerability.title)
end
+
+ it_behaves_like 'tracks govern usage event', 'users_visiting_security_vulnerabilities' do
+ let(:request) { show_vulnerability }
+ end
end
end
diff --git a/ee/spec/controllers/projects/security/vulnerability_report_controller_spec.rb b/ee/spec/controllers/projects/security/vulnerability_report_controller_spec.rb
index 88548a58dd42b..529fca6c75288 100644
--- a/ee/spec/controllers/projects/security/vulnerability_report_controller_spec.rb
+++ b/ee/spec/controllers/projects/security/vulnerability_report_controller_spec.rb
@@ -4,7 +4,7 @@
RSpec.describe Projects::Security::VulnerabilityReportController, feature_category: :vulnerability_management do
let_it_be(:group) { create(:group) }
- let_it_be(:project) { create(:project, :repository, :public, namespace: group) }
+ let_it_be(:project, reload: true) { create(:project, :repository, :public, namespace: group) }
let_it_be(:user) { create(:user) }
before do
@@ -18,6 +18,10 @@
end
it { is_expected.to have_gitlab_http_status(:not_found) }
+
+ it_behaves_like "doesn't track govern usage event", 'users_visiting_security_vulnerability_report' do
+ let(:request) { subject }
+ end
end
describe 'GET #index' do
@@ -55,5 +59,9 @@
expect(response.body).to have_css('div#js-security-report-app[data-has-vulnerabilities="true"]')
end
end
+
+ it_behaves_like 'tracks govern usage event', 'users_visiting_security_vulnerability_report' do
+ let(:request) { show_security_dashboard }
+ end
end
end
diff --git a/ee/spec/controllers/security/vulnerabilities_controller_spec.rb b/ee/spec/controllers/security/vulnerabilities_controller_spec.rb
index 53a122bd43f5c..8986133971e13 100644
--- a/ee/spec/controllers/security/vulnerabilities_controller_spec.rb
+++ b/ee/spec/controllers/security/vulnerabilities_controller_spec.rb
@@ -25,11 +25,19 @@
end
it { is_expected.to render_template(:instance_security) }
+
+ it_behaves_like 'tracks govern usage event', 'users_visiting_security_vulnerabilities' do
+ let(:request) { subject }
+ end
end
context 'is disabled' do
it { is_expected.to have_gitlab_http_status(:not_found) }
it { is_expected.to render_template('errors/not_found') }
+
+ it_behaves_like "doesn't track govern usage event", 'users_visiting_security_vulnerabilities' do
+ let(:request) { subject }
+ end
end
end
end
--
GitLab