Merge branch '349588-remove-ff-external-audit-events-namespace' into 'master'

Remove feature flag `ff_external_audit_events_namespace` See merge request gitlab-org/gitlab!79117

Merge branch '349588-remove-ff-external-audit-events-namespace' into 'master'
Remove feature flag `ff_external_audit_events_namespace` See merge request gitlab-org/gitlab!79117
5a531fa6 · Pavel Shutsin · d5e275ec · 20720f53 · 5a531fa6 · 5a531fa6
Commit 5a531fa6 authored Jan 26, 2022 by Pavel Shutsin
12 changed files
--- a/doc/administration/audit_event_streaming.md
+++ b/doc/administration/audit_event_streaming.md
@@ -8,9 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/332747) in GitLab 14.5 [with a flag](../administration/feature_flags.md) named `ff_external_audit_events_namespace`. Disabled by default.
 > - [Enabled on GitLab.com and by default on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/338939) in GitLab 14.7.
-
-FLAG:
-On self-managed GitLab, by default this feature is available. To hide the feature per group, ask an administrator to [disable the feature flag](../administration/feature_flags.md) named `ff_external_audit_events_namespace`. On GitLab.com, this feature is available.
+> - [Feature flag `ff_external_audit_events_namespace`](https://gitlab.com/gitlab-org/gitlab/-/issues/349588) removed in GitLab 14.8.

 Event streaming allows owners of top-level groups to set an HTTP endpoint to receive **all** audit events about the group, and its
 subgroups and projects as structured JSON.

--- a/ee/app/models/ee/audit_event.rb
+++ b/ee/app/models/ee/audit_event.rb
@@ -56,7 +56,6 @@ module EE

    def stream_to_external_destinations
      return if entity.nil?
-      return unless ::Feature.enabled?(:ff_external_audit_events_namespace, group_entity, default_enabled: :yaml)
      return unless group_entity&.licensed_feature_available?(:external_audit_events)

      AuditEvents::AuditEventStreamingWorker.perform_async(id)

--- a/ee/app/policies/ee/group_policy.rb
+++ b/ee/app/policies/ee/group_policy.rb
@@ -14,7 +14,7 @@ module EE
      condition(:iterations_available) { @subject.feature_available?(:iterations) }
      condition(:subepics_available) { @subject.feature_available?(:subepics) }
      condition(:external_audit_events_available) do
-        @subject.feature_available?(:external_audit_events) && ::Feature.enabled?(:ff_external_audit_events_namespace, @subject, default_enabled: :yaml)
+        @subject.feature_available?(:external_audit_events)
      end
      condition(:contribution_analytics_available) do
        @subject.feature_available?(:contribution_analytics)

--- a/ee/app/workers/audit_events/audit_event_streaming_worker.rb
+++ b/ee/app/workers/audit_events/audit_event_streaming_worker.rb
@@ -22,7 +22,6 @@ module AuditEvents
      group = group_entity(audit_event)

      return if group.nil? # Do nothing if the event can't be resolved to a single group.
-      return unless ::Feature.enabled?(:ff_external_audit_events_namespace, group, default_enabled: :yaml)
      return unless group.licensed_feature_available?(:external_audit_events)

      group.external_audit_event_destinations.each do |destination|

--- a/ee/config/feature_flags/development/ff_external_audit_events_namespace.yml
+++ b/ee/config/feature_flags/development/ff_external_audit_events_namespace.yml
---
-name: ff_external_audit_events_namespace
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70706
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/338939
-milestone: '14.4'
-type: development
-group: group::compliance
-default_enabled: true
--- a/ee/spec/models/ee/audit_event_spec.rb
+++ b/ee/spec/models/ee/audit_event_spec.rb
@@ -91,36 +91,14 @@ RSpec.describe AuditEvent, type: :model do
        let_it_be(:project) { create(:project, group: group) }
        let_it_be(:event) { create(:audit_event, :project_event, target_project: project) }

-        context 'when ff_external_audit_events_namespace is enabled' do
-          before do
-            stub_feature_flags(ff_external_audit_events_namespace: group.root_ancestor)
-          end
-
-          it 'enqueues one worker' do
-            expect(AuditEvents::AuditEventStreamingWorker).to receive(:perform_async).once
-
-            event.stream_to_external_destinations
-          end
+        it 'enqueues one worker' do
+          expect(AuditEvents::AuditEventStreamingWorker).to receive(:perform_async).once

-          context 'when entity is not a group or project' do
-            let_it_be(:event) { create(:user_audit_event) }
-
-            before do
-              stub_feature_flags(ff_external_audit_events_namespace: true)
-            end
-
-            it 'enqueues no workers' do
-              expect(AuditEvents::AuditEventStreamingWorker).not_to receive(:perform_async)
-
-              event.stream_to_external_destinations
-            end
-          end
+          event.stream_to_external_destinations
        end

-        context 'when ff_external_audit_events_namespace is disabled' do
-          before do
-            stub_feature_flags(ff_external_audit_events_namespace: false)
-          end
+        context 'when entity is not a group or project' do
+          let_it_be(:event) { create(:user_audit_event) }

          it 'enqueues no workers' do
            expect(AuditEvents::AuditEventStreamingWorker).not_to receive(:perform_async)
@@ -135,18 +113,6 @@ RSpec.describe AuditEvent, type: :model do

        event.stream_to_external_destinations
      end
-
-      context 'feature is disabled' do
-        before do
-          stub_feature_flags(ff_external_audit_events_namespace: false)
-        end
-
-        it 'enqueues no workers' do
-          expect(AuditEvents::AuditEventStreamingWorker).not_to receive(:perform_async)
-
-          event.stream_to_external_destinations
-        end
-      end
    end

    context 'feature is unlicensed' do

--- a/ee/spec/policies/group_policy_spec.rb
+++ b/ee/spec/policies/group_policy_spec.rb
@@ -1789,15 +1789,6 @@ RSpec.describe GroupPolicy do
  context 'external audit events' do
    let(:current_user) { owner }

-    context 'when feature is disabled' do
-      before do
-        stub_feature_flags(ff_external_audit_events_namespace: false)
-        stub_licensed_features(external_audit_events: true)
-      end
-
-      it { is_expected.to(be_disallowed(:admin_external_audit_events)) }
-    end
-
    context 'when license is disabled' do
      before do
        stub_licensed_features(external_audit_events: false)

--- a/ee/spec/requests/api/graphql/mutations/audit_events/external_audit_event_destinations/create_spec.rb
+++ b/ee/spec/requests/api/graphql/mutations/audit_events/external_audit_event_destinations/create_spec.rb
@@ -99,19 +99,6 @@ RSpec.describe 'Create an external audit event destination' do

      it_behaves_like 'a mutation that does not create a destination'
    end
-
-    context 'when feature is disabled' do
-      before do
-        stub_feature_flags(ff_external_audit_events_namespace: false)
-      end
-
-      it_behaves_like 'a mutation on an unauthorized resource'
-
-      it 'does not create the destination' do
-        expect { post_graphql_mutation(mutation, current_user: owner) }
-          .not_to change { AuditEvents::ExternalAuditEventDestination.count }
-      end
-    end
  end

  context 'when feature is unlicensed' do

--- a/ee/spec/requests/api/graphql/mutations/audit_events/external_audit_event_destinations/destroy_spec.rb
+++ b/ee/spec/requests/api/graphql/mutations/audit_events/external_audit_event_destinations/destroy_spec.rb
@@ -99,15 +99,6 @@ RSpec.describe 'Destroy an external audit event destination' do

      it_behaves_like 'a mutation that does not destroy a destination'
    end
-
-    context 'when feature is disabled' do
-      before do
-        stub_feature_flags(ff_external_audit_events_namespace: false)
-      end
-
-      it_behaves_like 'a mutation on an unauthorized resource'
-      it_behaves_like 'a mutation that does not destroy a destination'
-    end
  end

  context 'when feature is unlicensed' do

--- a/ee/spec/requests/api/graphql/mutations/audit_events/external_audit_event_destinations/update_spec.rb
+++ b/ee/spec/requests/api/graphql/mutations/audit_events/external_audit_event_destinations/update_spec.rb
@@ -100,19 +100,6 @@ RSpec.describe 'Update an external audit event destination' do

      it_behaves_like 'a mutation that does not update a destination'
    end
-
-    context 'when feature is disabled' do
-      before do
-        stub_feature_flags(ff_external_audit_events_namespace: false)
-      end
-
-      it_behaves_like 'a mutation on an unauthorized resource'
-
-      it 'does not update the destination' do
-        expect { post_graphql_mutation(mutation, current_user: owner) }
-          .not_to change { destination.reload.destination_url }
-      end
-    end
  end

  context 'when feature is unlicensed' do

--- a/ee/spec/services/audit_event_service_spec.rb
+++ b/ee/spec/services/audit_event_service_spec.rb
@@ -651,7 +651,6 @@ RSpec.describe AuditEventService, :request_store do

    before do
      stub_licensed_features(external_audit_events: true)
-      stub_feature_flags(ff_external_audit_events_namespace: group.root_ancestor)
    end

    subject(:event) { described_class.new(user, project, details, save_type).for_project.security_event }

--- a/ee/spec/workers/audit_events/audit_event_streaming_worker_spec.rb
+++ b/ee/spec/workers/audit_events/audit_event_streaming_worker_spec.rb
@@ -51,18 +51,6 @@ RSpec.describe AuditEvents::AuditEventStreamingWorker do
        subject
      end

-      context 'when feature is disabled' do
-        before do
-          stub_feature_flags(ff_external_audit_events_namespace: false)
-        end
-
-        it 'makes no HTTP calls' do
-          expect(Gitlab::HTTP).not_to receive(:post)
-
-          subject
-        end
-      end
-
      context 'when feature is unlicensed' do
        before do
          stub_licensed_features(external_audit_events: false)