From f498491dced7b37d81d3f5ac3e8471029a20d699 Mon Sep 17 00:00:00 2001
From: Jayakrishnan Mallissery <jmallissery@gitlab.com>
Date: Thu, 6 Mar 2025 18:16:16 +0100
Subject: [PATCH] Track projects count that enabled secrets manager

This change is needed because we need to track the
number of projects that enabled the secrets manager.

We define the event and metric to track the
number of projects. We trigger the event when
the secrets manager is enabled for a project in
the `ProjectSecretsManagerInitialize` mutation.
---
 .../project_secrets_manager_initialize.rb     | 14 ++++++++++++++
 .../enable_ci_secrets_manager_for_project.yml | 18 ++++++++++++++++++
 ..._enable_ci_secrets_manager_for_project.yml | 19 +++++++++++++++++++
 ...project_secrets_manager_initialize_spec.rb | 16 ++++++++++++++++
 4 files changed, 67 insertions(+)
 create mode 100644 ee/config/events/enable_ci_secrets_manager_for_project.yml
 create mode 100644 ee/config/metrics/counts_all/count_total_enable_ci_secrets_manager_for_project.yml

diff --git a/ee/app/graphql/mutations/secrets_management/project_secrets_manager_initialize.rb b/ee/app/graphql/mutations/secrets_management/project_secrets_manager_initialize.rb
index 506ffe53290ae..33ce6f5808d82 100644
--- a/ee/app/graphql/mutations/secrets_management/project_secrets_manager_initialize.rb
+++ b/ee/app/graphql/mutations/secrets_management/project_secrets_manager_initialize.rb
@@ -6,6 +6,7 @@ class ProjectSecretsManagerInitialize < BaseMutation
       graphql_name 'ProjectSecretsManagerInitialize'
 
       include ResolvesProject
+      include Gitlab::InternalEventsTracking
 
       authorize :admin_project_secrets_manager
 
@@ -30,6 +31,7 @@ def resolve(project_path:)
           .execute
 
         if result.success?
+          track_event(project)
           {
             project_secrets_manager: result.payload[:project_secrets_manager],
             errors: []
@@ -44,6 +46,18 @@ def resolve(project_path:)
 
       private
 
+      def track_event(project)
+        track_internal_event(
+          'enable_ci_secrets_manager_for_project',
+          project: project,
+          user: current_user,
+          namespace: project.namespace,
+          additional_properties: {
+            label: 'graphql'
+          }
+        )
+      end
+
       def find_object(project_path:)
         resolve_project(full_path: project_path)
       end
diff --git a/ee/config/events/enable_ci_secrets_manager_for_project.yml b/ee/config/events/enable_ci_secrets_manager_for_project.yml
new file mode 100644
index 0000000000000..0a57ee5ed2de2
--- /dev/null
+++ b/ee/config/events/enable_ci_secrets_manager_for_project.yml
@@ -0,0 +1,18 @@
+---
+description: Enabling of the GitLab secrets manager for a project
+internal_events: true
+action: enable_ci_secrets_manager_for_project
+identifiers:
+- project
+- namespace
+- user
+additional_properties:
+  label:
+    description: '"How the enabling of secrets manager was triggered [graphql]"'
+product_group: pipeline_security
+product_categories:
+- secrets_management
+milestone: '17.10'
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/183730
+tiers:
+- ultimate
diff --git a/ee/config/metrics/counts_all/count_total_enable_ci_secrets_manager_for_project.yml b/ee/config/metrics/counts_all/count_total_enable_ci_secrets_manager_for_project.yml
new file mode 100644
index 0000000000000..93f8789aa591f
--- /dev/null
+++ b/ee/config/metrics/counts_all/count_total_enable_ci_secrets_manager_for_project.yml
@@ -0,0 +1,19 @@
+---
+key_path: counts.count_total_enable_ci_secrets_manager_for_project
+description: Count of projects that have enabled the GitLab secrets manager
+product_group: pipeline_security
+product_categories:
+- secrets_management
+performance_indicator_type: []
+value_type: number
+status: active
+milestone: '17.10'
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/183730
+time_frame:
+- all
+data_source: internal_events
+data_category: optional
+tiers:
+- ultimate
+events:
+- name: enable_ci_secrets_manager_for_project
diff --git a/ee/spec/requests/api/graphql/secrets_management/project_secrets_manager_initialize_spec.rb b/ee/spec/requests/api/graphql/secrets_management/project_secrets_manager_initialize_spec.rb
index a3e07ea35fd34..831a88b25dd00 100644
--- a/ee/spec/requests/api/graphql/secrets_management/project_secrets_manager_initialize_spec.rb
+++ b/ee/spec/requests/api/graphql/secrets_management/project_secrets_manager_initialize_spec.rb
@@ -44,7 +44,21 @@
         ))
     end
 
+    it_behaves_like 'internal event tracking' do
+      let(:event) { 'enable_ci_secrets_manager_for_project' }
+      let(:namespace) { project.namespace }
+      let(:user) { current_user }
+      let(:category) { 'Mutations::SecretsManagement::ProjectSecretsManagerInitialize' }
+      let(:additional_properties) { { label: 'graphql' } }
+    end
+
     context 'and service results to a failure' do
+      before do
+        allow_next_instance_of(SecretsManagement::InitializeProjectSecretsManagerService) do |service|
+          allow(service).to receive(:execute).and_return(ServiceResponse.error(message: 'some error'))
+        end
+      end
+
       it 'returns the service error' do
         expect_next_instance_of(SecretsManagement::InitializeProjectSecretsManagerService) do |service|
           result = ServiceResponse.error(message: 'some error')
@@ -55,6 +69,8 @@
 
         expect(mutation_response['errors']).to include('some error')
       end
+
+      it_behaves_like 'internal event not tracked'
     end
 
     context 'and secrets_manager feature flag is disabled' do
-- 
GitLab